Corporate criminal liability in England and Wales: what the Crime and Policing Act 2026 means for businesses

The Crime and Policing Bill 2025 received Royal Assent on 29 April 2026 and has now become The Crime and Policing Act 2026 (the “Act”). One of its smallest but most significant reforms is set to change how criminal liability is attributed to companies in England and Wales. From 29 June 2026, it will be substantially easier for prosecutors to hold organisations accountable for criminal wrongdoing committed by individuals defined as “senior managers” acting within the course of their duties.  The reforms go far beyond financial crime, bringing all criminal offences within scope.

Key takeaways

The new regime moves corporate liability beyond the traditional “directing mind and will” approach and creates a broader route to the prosecution of organisations. The Government says the reform is intended to better reflect decentralised decision-making structures in larger businesses and partnerships.

What has changed?

Other than for a few specified offences, companies were typically only criminally liable where an individual representing the organisation’s “directing mind and will” (usually board-level) committed an offence. This made prosecutions of large or complex organisations difficult.

The 2026 Act replaces this with a broader rule:

• A company can now be held criminally liable if a “senior manager” commits a criminal offence;
• This applies if the individual was acting within their “actual or apparent scope of authority”.

Crucially, this rule applies to all criminal offences – not just economic crimes.

What does this mean in practice?

The new regime is likely to matter most where businesses have:

• layered management structures;
• delegated operational authority;
• weak escalation procedures;
• inconsistent oversight across departments; and/or
• poor documentation of decision-making.

In those environments, a single managerial failure may now create corporate exposure that would previously have been harder if not impossible to prove against the company itself.

Who is a “senior manager”?

The definition is intentionally wide and includes any individual playing a significant role in decision-making or managing the whole or a substantial part of the business.

This means liability is no longer confined to the board but extends down to those with decision-making and management authority in more junior roles.

What types of offences are covered?

The new rules apply across the full spectrum of criminal offences, including:

• Financial and economic crime (e.g. fraud, bribery, money laundering);
• Health and safety offences;
• Environmental breaches;
• Data protection offences;
• Computer misuse;
• Offences against the person;
• Modern Slavery; and
• Public order and other regulatory offences.

This represents a major expansion beyond previous legislation which was largely confined to liability for financial and business crime.

Why does this matter for your business?

The practical effect is wider exposure for companies to prosecution. For businesses, this means the risks are no longer confined to board-level conduct. Senior leaders, divisional heads, and other influential decision-makers may now sit much closer to the line between individual wrongdoing and corporate liability. There is a far wider spectrum of offences applicable to companies and a much lower threshold for prosecution: authorities no longer need to identify a board-level “directing mind” involved in the offending.  This brings with it increased exposure and risk to companies.  Given the lower threshold, more frequent investigation and prosecution of companies is anticipated.

What should businesses do now?

Businesses should treat this as a governance and risk-management issue, not just a legal update.

Although there is no “adequate procedures” or compliance defence, organisations should seek to identify and manage this increased risk by undertaking the following:

1. Review governance structures – ensure clarity around roles, responsibilities, and decision-making authority;
2. Identify senior managers – map individuals who may fall within the expanded definition;
3. Identify potential risks which could result in criminal exposure – undertake a risk assessment to identify the key risk areas for the business (health and safety, environmental, financial crime, offences against the person);
4. Strengthen compliance frameworks – update policies, controls, and oversight mechanisms across identified risk areas;
5. Enhance training – provide targeted training for senior managers on legal responsibilities and escalation procedures;
6. Review and revise monitoring and reporting mechanisms – reinforce or implement systems to detect and address misconduct early (e.g. whistleblowing policies); and
7. Document decision-making – maintain clear records demonstrating proper oversight and compliance.

FAQs

What is corporate criminal liability?

Corporate criminal liability is the legal principle that allows a company or partnership to be held criminally responsible for offences committed by individuals acting on its behalf. The 2026 reform creates a broader statutory route to attribution for all crimes, which means unlimited fines for many offences.

Does the new rule only apply  to economic crime?

No. The Government says the reform applies to all crimes, replacing the narrower economic-crime-only position introduced by the Economic Crime and Corporate Transparency Act 2023.

All businesses are likely to be impacted, but those operating in sectors such as health and social care, utilities provision, manufacturing  and with overseas supply chains may have higher levels of unmitigated risks.

Why should businesses act now?

Because the reform lowers the threshold for attributing criminal conduct to organisations, particularly those with decentralised management structures. The Home Office says this is intended to address gaps in the current law and improve the prosecution of modern organisations.

How Gherson can assist

Gherson’s White Collar Crime team has extensive experience advising businesses on corporate criminal liability and risk management.

We assist organisations in assessing exposure under the expanded “senior manager” test, reviewing governance and decision-making structures, and strengthening compliance frameworks across key risk areas.

We also provide strategic advice in relation to regulatory scrutiny and potential criminal investigations, helping organisations respond effectively and mitigate risk at every stage.

For further information or to discuss how these developments may affect your organisation, please contact us.

Follow us on X, Facebook, or LinkedIn to stay-up-to-date.

The information in this blog is for general information purposes only and does not purport to be comprehensive or to provide legal advice.  Whilst every effort is made to ensure the information and law is current as of the date of publication it should be stressed that, due to the passage of time, this does not necessarily reflect the present legal position.  Gherson accepts no responsibility for loss which may arise from accessing or reliance on information contained in this blog.  For formal advice on the current law please do not hesitate to contact Gherson.  Legal advice is only provided pursuant to a written agreement, identified as such, and signed by the client and by or on behalf of Gherson.

©Gherson 2026