Economic Crime and Corporate Transparency Act 2023

Following the Economic Crime (Transparency and Enforcement) Act 2022 which came into force last year, (and, amongst other things, introduced new rules governing transparency of ownership of UK property), the second phase of the government's reform package tackling economic crime, the Economic Crime and Corporate Transparency Act 2023 (the "Act"), received royal assent on 26 October 2023.

The key objectives of the Act are:

1. To prevent organised criminals from using UK companies and other corporate entities;
2. To strengthen the UK’s response to economic crime by giving law enforcement new powers to seize cryptoassets and enabling businesses in the financial sector to share information more effectively to prevent and detect economic crime; and
3. To support enterprise by enabling Companies House to deliver a better service for UK companies.

With these objectives in mind, the Act introduces numerous reforms:

The Act makes a range of changes to the objectives and powers of Companies House. It introduces identity verification for new and existing directors, persons with significant control ("PSCs") and individuals delivering documents to the Registrar. An individual's identity will need to be verified either by Companies House, or an authorised corporate service provider (such as a law firm which has registered with Companies House).

Companies House will have increased powers to verify and decline information submitted or already existing on the register, as well as further investigative and enforcement powers. More protection will also be given to personal information supplied to Companies House, in an effort to limit the opportunities for fraud. In certain circumstances, individuals on the register will be able to apply to have their personal information removed from public view (further regulations are expected to confirm who would be eligible to apply for this).

The Companies Act 2006 currently provides that the role of the Registrar is to register company information and make it publicly available. The Act is intended to improve the accuracy and integrity of information on the register, and gives Companies House new powers to achieve this, including the right to:

• reject documents for inconsistencies;
• require additional information;
• require inconsistencies to be resolved;
• remove from the register existing material previously accepted;
• require businesses to report discrepancies;
• analyse information for the purposes of crime prevention or detection;
• make provision for financial penalties for breaches to the Companies Act 2006; and
• require delivery by electronic means.

Various changes to procedures and reporting requirements are made by the Act and these will directly impact existing or new companies when they are introduced. The changes include the following:

• Directors will be prohibited from acting unless their identity has been verified or they fall within an exemption (a list of exemptions has not yet been published). An obligation will be placed on companies to ensure that individuals do not act as directors until their identity has been verified;
• Companies will no longer be required to maintain their own PSC register, this will just be held at Companies House;
• On incorporation of a company, a statement of lawful purpose must be made and the full name of subscribers must be included in the memorandum of association;
• There will be a requirement to maintain an email address for the company, which must be appropriate. An email address is deemed appropriate if an email sent to it by Companies House would be expected to come to the attention of a person acting on behalf of the company;
• Further restrictions on company names are introduced by the Act;
• A company's registered office address must be an appropriate address. Similar to the appropriate email address, a registered office address will be deemed appropriate if documents sent to it by Companies House would be expected to come to the attention of and be capable of acknowledgement by a person acting on behalf of the company;
• It will no longer be necessary for companies to maintain their own register of directors, register of directors' residential addresses or register of secretaries;
• Companies will have to maintain their own register of members, and the option to store a register of members at Companies House will be revoked;
• Micro-entities will be required to file a balance sheet and a profit and loss account;
• Small companies will be required to file a balance sheet, a profit and loss account and a directors' report (they will no longer have the option to file abridged accounts or filleted accounts);
• Companies House will also have greater fee-raising powers which take into consideration its new functions under the Act when determining the level of fees it charges to companies;
• Whilst new PSCs will need to have their identities verified, the Act does not immediately require identity verification for existing PSCs. It is expected that further regulations will introduce a deadline in the future for existing PSCs to comply with the new requirement.

Companies House have issued a statement confirming that companies do not need to do anything differently just yet. Secondary legislation and system development are required before many of these changes are introduced.

The statement from Companies House includes a list of "early measures" which it expects will come into force in early 2024. This list includes the requirement for companies to supply a registered email address and the new rules requiring companies to always have an appropriate registered office address.

However, it is unclear how long it will be before Companies House introduces the other changes, such as the identity verification for directors and PSCs, or the rules relating to the filing of accounts come into force.

In certain situations, the Act provides that regulated businesses will be able to share information between each other more easily for the purpose of preventing, detecting and investigating economic crime. This will be achieved by the removal of civil liability for breaches of customer confidentiality for businesses, provided that the shared information would assist the receiving firm with customer due diligence and determining safeguarding action for tackling economic crime. Businesses may also be permitted to indirectly share information through a third party such as the National Fraud Database. However, continued compliance with data protection law will still be required meaning any such information sharing needs to be carefully considered and justified for UK GDPR purposes.

Another reason for increasing the Registrar's powers to maintain the integrity of the register is to encourage it to share information with other authorities. Companies House will have the power to analyse information to detect or prevent crime, and then the ability to disclose information to any authority for these purposes.

The Act introduces a new corporate offence of failing to prevent fraud. Only large organisations will be able to commit such an offence. Large organisations are defined as corporates and partnerships who meet two of the following criteria in the year proceeding the fraud offence:

• A turnover of more than £36 million;
• A balance sheet total of more than £18 million;
• More than 250 employees.

An offence would be committed by a large organisation if a person associated with it commits a fraud offence intending to benefit the organisation or any person to whom they provide services on behalf of the organisation. Fraud offences are listed in the Act and include cheating the public revenue and statutory offences such as false accounting.

The Act introduces a number of reforms to prevent the abuse of limited partnerships such as tighter registration and greater transparency requirements. Under the Act, limited partnerships will be required to maintain a connection to the UK.

The Act also includes provisions regarding cryptoassets. Criminal confiscation and civil recovery powers under parts of the Proceeds of Crime Act 2002 are amended, to aid law enforcement agencies in tackling the criminal use of cryptoassets.

Despite a ban on corporate directors being an intention of the government following consultations regarding corporate transparency, this Act does not implement such a ban. However, the government has announced that it will use existing powers to limit the use of corporate directors moving forward. Further regulations are expected to be published in relation to this.

The wide range of changes proposed by the Act will no doubt help to strengthen the UK's defences to economic crime. However, the changes will soon impact corporate entities of all sizes. The full list of the "early measures" referred to above, which has been published by Companies House and are expected to come into force in early 2024, may be found here.