Crime and Policing Act 2026: Expansion of senior manager criminal liability
TLT picks out the key points you shouldn’t miss...
What’s this about?
The Crime and Policing Act 2026 significantly expands UK corporate criminal liability. Organisations can now be held criminally liable for any offence committed by a senior manager acting within the scope of their authority — extending far beyond the previous focus on economic and financial crimes. The change materially increases risk exposure for boards and senior management teams across all sectors.
Our Head of Risk and Financial Crime, Ben Cooper says...
“This change quietly but fundamentally rewrites the UK’s approach to corporate criminal liability. Firms that thought corporate exposure was largely confined to economic crime will need to reassess governance, accountability and oversight across the full spectrum of criminal risk.”
The points not to miss...
The Act extends the senior manager attribution model so that corporates can now be criminally liable for any offence committed by a senior manager acting within the actual or apparent scope of their authority.
Prosecutors no longer need to prove involvement of the company’s ‘directing mind and will’. Liability may arise from the conduct of senior managers who play a significant role in managing or organising all or a substantial part of the business.
Unlike certain failure‑to‑prevent regimes, this reform does not include a statutory reasonable or adequate procedures defence. Governance, controls and training may mitigate risk, but they will not prevent liability from attaching.
The change is likely to sharpen focus on senior management structures, delegation of authority, oversight and challenge, particularly in highly regulated sectors and firms subject to SMCR‑style accountability.
Risk assessments, training programmes and escalation frameworks need to extend beyond financial crime to cover wider criminal exposure across operations, supply chains and decision‑making functions.
What should firms do now?
- Re-map senior manager risk exposure: Identify who qualifies as a “senior manager” in practice, not just by title, and assess where their decision making could give rise to criminal liability across any offence category.
- Broaden criminal risk assessments: Extend enterprise wide risk assessments beyond economic crime to include areas such as health and safety, environmental, employment, data, modern slavery and regulatory offences, focusing on senior manager discretion and authority.
- Stress test governance and decision making: Review delegations of authority, escalation routes, management information and decision logs to ensure there is effective oversight, challenge and accountability at senior levels.
- Refresh senior leadership training: Ensure training for boards and senior managers reflects the breadth of offences now capable of triggering corporate criminal liability, not just traditional financial crime risks.
- Review detection, escalation and response frameworks: Confirm that potential criminal issues are identified and escalated promptly across all business areas — not just compliance or financial crime teams.
- Prepare for earlier and broader enforcement: Firms should assume enforcement bodies will seek to use this expanded attribution model early and be ready to demonstrate effective control, oversight and governance when issues arise.
At a glance...
This publication is intended for general guidance and represents our understanding of the relevant law and practice as at May 2026. Specific advice should be sought for specific cases. For more information see our terms & conditions.
Get in touch
%20%C3%94%C3%87%C3%B4%20790px%20X%20451px%2072ppi2.jpg)
Insights & events
Crime and Policing Act 2026: Expansion of senior manager criminal liability
FCA Synthetic Data and Anti-Money Laundering project report: Key points for financial services firms
SM&CR reform: HM Treasury announces Senior Managers and Certification Regime reforms
FCA's findings on Customer Due Diligence processes and controls: Good and poor practices
FCA and PRA publish final rules on operational incident reporting: firms have to ready by 18 March 2027
FCA finalises Phase 1 SM&CR reforms: what firms need to do now
PRA publishes Phase 1 SM&CR reforms: What firms need to know now
FCA puts inactive appointed representatives under the microscope
SFO publishes business plan for 2025-26: Geared for the future
FCA sets expectations for stronger outcome‑focused governance in Year 3 Consumer Duty board reporting
FCA's guidance on targeted support in consumer segment design: considerations for firms
The Bank of England and PRA set out plans for safe AI innovation: What firms need to know
FCA regulatory priorities 2026: Cross-sector themes and what they mean for firms
FCA turns to AI to fight fraud: What the Palantir contract means for financial regulation
FCA publishes consumer understanding good practice and areas for improvement
PRA, BoE and FCA material third-party reporting requirements
TLT continues growth of financial services regulatory team with appointment of new partner
