Senior Managers in the Spotlight: The Crime and Policing Act 2026 and Corporate Criminal Exposure

On 29 April 2026, the Crime and Policing Act 2026 (the Act) received royal assent, ushering in far-reaching reform of UK corporate criminal liability. Section 250 of the Act comes into force on 29 June 2026 and will fundamentally change the basis upon which organisations can be held criminally liable for the conduct of their people. This article explains what the new provision does, its relevance, and suggested practical steps firms can be taking now.

What Does Section 250 Provide?

Section 250 establishes a new, general principle of corporate criminal attribution. It provides that where a senior manager of a body corporate or partnership, acting within the actual or apparent scope of their authority, commits any criminal offence under the law of England and Wales, Scotland or Northern Ireland, the organisation also commits that offence. Notably, the provision applies to bodies corporate, which includes limited liability partnerships (LLPs), as well as to traditional partnerships.

The only statutory exception is where: (a) all of the relevant conduct occurs outside the United Kingdom; and (b) the organisation would not itself commit the offence if the conduct were attributed to it rather than to the individual. 

How Does This Change the Existing Law?

Previously, corporate criminal liability in the UK rested primarily on the “identification doctrine” – the requirement that the offending individual be shown to be the “directing mind and will” of the company, typically a director or member of the C-suite. This test was difficult to satisfy in large, decentralised organisations where day-to-day decision-making often occurs below the boardroom. 

The Economic Crime and Corporate Transparency Act 2023 (ECCTA) began to address this gap by introducing senior manager attribution for specified economic crimes. Section 250 casts the next significantly wider: it extends the attribution principle across the full range of criminal offences capable of being committed by a corporate entity, and expressly repeals the corresponding ECCTA provisions. The result is a single, broadly applicable rule that no longer confines senior manager attribution to economic crime.

Who Is a “Senior Manager”?

The statutory definition is deliberately broad and functional. A “senior manager” is any individual who plays a significant role in: (a) the making of decisions about how the whole or a substantial part of the organisation’s activities are to be managed or organised; or (b) the actual managing or organising of the whole or a substantial part of those activities.

Crucially, the test turns on substance rather than job title. Therefore, it will not only reach directors, but also divisional heads, operational leads and any other individuals who wield meaningful decision-making authority over a significant part of the business. FCA-regulated and PRA-regulated firms should note that this definition is distinct from the Senior Manager Function under the FCA’s Senior Managers and Certification Regime. 

Key Implications for Financial Services Firms

Breadth of offences covered. The provision applies to all criminal offences capable of corporate commission, not merely economic crimes. We envision that this may encompass not only fraud, money laundering and market abuse, but also data protection offences, environmental crimes, modern slavery offences, and health and safety breaches.

No “reasonable procedures” defence. Unlike the failure to prevent fraud offence under ECCTA, there is no statutory defence of having adequate compliance procedures in place.

Increased likelihood of investigation and prosecution. As prosecutors need only establish that a senior manager committed an offence within the scope of their authority – rather than prove the involvement of the “directing mind and will” – the threshold for corporate liability is substantially lower. 

Practical Steps for Firms

Ahead of the new rules coming into force on 29 June 2026, firms may look to take the following steps:

• Senior manager mapping to identify which individuals within the organisation satisfy the statutory definition, focusing on the substance of their role.
• Risk assessment of the criminal offences to which the firm is most exposed by virtue of its senior managers’ activities.
• Training individuals who may qualify as senior managers – so that they receive focused training on the new rules, their obligations, and how to identify and escalate potential criminal issues.
• Compliance programme review to reduce the opportunity for criminal conduct within areas of senior management responsibility.
• Review D&O insurance to ensure sufficient coverage.

Key Takeaways

When it comes into force on 29 June 2026, Section 250 of the Crime and Policing Act 2026 will represent a fundamental expansion of UK corporate criminal liability. It replaces the narrow identification doctrine with a broad attribution principle that exposes organisations to liability for any criminal offence committed by a senior manager acting within their authority. There is no reasonable procedures defence, and the definition of “senior manager” will capture individuals below board level. It is advisable to take preparatory steps now ahead of this new era of corporate accountability.

Section 250 of the Crime and Policing Act 2026 can be found here.