Historic Houses of Parliament and Big Ben clock tower.

What does the SFO’s new guidance mean for corporates?

What does the SFO’s new guidance mean for corporates?

Business Ethics Debates | read time: 7 min

Published: 16 March 2026

Historic Houses of Parliament and Big Ben clock tower.

GoodCorporation’s latest business ethics debate at the House of Lords explored what the Serious Fraud Office’s (SFO) new corporate guidance means for businesses. The discussion examined how the guidance might work in practice and what “effective” really looks like under increased prosecutorial scrutiny.

Hosted by Lord Garnier KC, a driving force behind the Economic Crime and Corporate Transparency Act (ECCTA) in the House of Lords, the debate was introduced by Sabha MacManus, Associate General Counsel at the Serious Fraud Office (SFO).

Sabha opened the debate by noting that businesses are operating in a period of political, economic and technological uncertainty, often under pressure to adapt and prioritise commercial outcomes. In such conditions, protecting reputation and integrity becomes even more important. As experience shows, it is often when operating in uncertain and highly pressurised times, that fraud, bribery and corruption occur and are more likely to be exposed.

The SFO’s clear direction of travel

The SFO is unwavering in its commitment to fighting economic crime. It is supported by a strengthened legislative framework and an expanding enforcement toolkit. Sabha highlighted four developments that illustrate this direction of travel:

  1. The shifting corporate liability landscape: The Bribery Act remains a far-reaching tool but more recently the ECCTA has strengthened accountability by expanding the identification doctrine to senior managers and introducing the Failure to Prevent Fraud offence. As such, the law has greater reach over corporates that ever before strengthening the SFO’s ability to bring about a successful prosecution.
  2. Deepening international cooperation: Given the increasingly international nature of economic crime, the SFO is continuing to strengthen partnerships with overseas prosecutors, with the International Anti-Corruption Prosecutorial Taskforce a good example of how prosecutors are working together.
  3. Increased SFO capability: Funding commitments in the most recent spending review are enabling investment in intelligence, crypto expertise, AI tools and increased headcount.
  4. Incentivisation for whistle-blowers: The inclusion of whistleblower incentivisation in the Government’s Anti-Corruption Strategy will help align the UK’s framework more closely with international best practice.

The new guidance: defining what ‘good’ looks like

Introducing the new guidance, Sabha positioned the suite of SFO documents as practical tools for corporates that provide greater clarity on what ‘good’ looks like in practice, designed to assist legal teams in discharging their obligations.

She described the three pieces of guidance published in 2025:

  • The Joint SFO-CPS Corporate Prosecution Guidance explains how corporate criminal liability is assessed.
  • The SFO Guidance on Evaluating a Corporate Compliance Programme sets out the six scenarios in which the SFO will evaluate a compliance programmes and the relevant factors for each scenario.
  • The Corporate Cooperation Guidance clarifies what organisations can expect when self‑reporting, and explains how prompt self‑reporting and cooperation will influence the SFO’s enforcement approach.

A consistent message runs through all three: prevention remains the strongest safeguard, and compliance will be examined not only in design but in application. Programmes must be real, lived and capable of working in practice, not treated as tick-box exercises.

On cooperation, Sabha drew a clear distinction between self-reporting and genuine cooperation. Cooperation is a demonstration of conduct that goes beyond minimum legal obligations, it shows transparent engagement and a commitment to doing the right thing, rather than emerging as a tactical position brought on by necessity.

The message was clear: the enforcement environment is not softening, it is becoming more structured, more coordinated and more focused on corporate accountability.

The debate

Guests were asked whether they had made changes to their compliance programmes following publication of the guidance, and what challenges they may have encountered in its implementation. Responses reflected a range of approaches, largely shaped by how far organisations had already progressed in preparing for the ECCTA.

Programme evolution, rather than revolution?

For many participants, the guidance itself had not been a catalyst for significant change. The new obligations introduced by the ECCTA had already led many to evaluate systems, re-assess risk, particularly with regard to outward fraud, and to raise awareness internally in recognition of the increased scope and responsibilities of the new law.

For many organisations, the guidance was welcomed for providing clarity as to SFO expectations and giving legal teams a useful tool against which existing programmes could be evaluated. It was also seen as particularly helpful for those new in role who needed to ensure that systems and processes would be fit for purpose.

Culture is key

Culture and its importance were discussed at length. Many participants agreed that culture is key to effective compliance helping to embed the right behaviours and influence good decision-making. This, it was felt, is critical to ensuring that compliance programmes really work “in practice”, prevent misconduct across operations, and help future proof their organisations.

Several participants noted that the ECCTA’s emphasis on outward fraud has already helped with this. Its broader definition of fraud has brought different business functions into the fraud prevention process, raising awareness more broadly and making this more of a company-wide issue. This also points to culture and its important role in shaping behaviours across the business.

There was strong agreement that embedding the right behaviours is not a one-off compliance project, but rather a sustained effort which needs to go beyond e-learning and tick-box training, for example with recruiting the right people in the right ways. It was also recognised that this can be challenging, particularly when embedding expectations of behaviour across supply chains, third parties and decentralised or freelance workforces. Embedding the right culture is something that will need to be monitored and reviewed, with changes likely as businesses evolve or expand over time.

Proportionality in a principles-based regime

The principles-based nature of the guidance prompted some discussion.

Many welcomed the absence of prescriptive requirements, noting that the diverse nature of businesses and their distinct risk profiles would preclude the guidance from being more specific.

Whilst some would have welcomed more precise advice on managing risks and the resources recommended by the SFO to do so, there was a general recognition that the more principles-based approach allows organisations to tailor procedures more proportionally to their specific size, structures and risks.

While some may struggle with defining reasonable, the majority found the guidance to be a helpful framework for what good should look like and a useful lever for internal discussions.

A practical framework and a boardroom lever

Many participants noted that the guidance has been helpful in board-level conversations and board papers because its sets out clearly what the SFO expects, therefore providing a clear structure for evaluating ECCTA and UK Bribery Act compliance, accountability and oversight. Being able to use this at board level was felt to be particularly useful for obtaining the resources needed to build the systems and processes that would ensure compliance and help protect the business moving forwards.

In some organisations, the guidance is being used as a practical framework for internal evaluation. An example provided was running a compliance culture survey across the group to assess how expectations are understood and embedded.

For others, particularly those operating in accordance with guidance set out by other regulators such as the Department of Justice in the US, the SFO’s approach was welcomed for its alignment with other leading international regimes, reinforcing the need to build effective systems that direct behaviours and can be seen to work on the ground.

Progress does not mean perfect

Closing the discussion, Sabha returned to the purpose of both the SFO and the Ministry of Justice/Home Office guidance. A compliance programme should not be a file on a shelf, she cautioned. The guidance was designed as a tool to help shape corporate behaviour, inform decision-making at the highest levels and embed principles into corporate culture.

She was also clear that even the perfect compliance programme cannot prevent all wrongdoing. “What matters is whether organisations can demonstrate that they have understood their risks, acted on them and put in place controls that operate effectively in practice, both across their own organisations and across their supplier and associated person’s network and when things do go wrong and misconduct surfaces, they demonstrate honest engagement, genuine cooperation and a culture grounded in integrity.

The GoodCorporation view

It was clear from the discussion that there has been a real push to review and strengthen fraud prevention and anti-corruption programmes. It is also clear that the SFO is committed to building a robust prosecutorial regime, while striving to steer companies towards establishing effective practices and procedures that will mitigate corrupt behaviour.

The guidance is helpful in setting out the SFO’s expectations, providing a framework that can be tailored to individual business needs and risks.

The focus on culture is important. Ensuring that behaviour on the ground reflects the policies in place and shows a genuine attempt to prevent misconduct is going to be critical. This will extend to understanding where the risks lie in supply chains and associated third parties. Building the right behaviours in these associated entities can be a particular challenge, but our experience tells us that this is often where corrupt practices start and must be a focus for those organisations where this risk is high. Not only is this the best approach to mitigate corrupt practice, it will also ensure that a company can withstand scrutiny and meet the expectations not just of the SFO but other regulators.

GoodCorporation has over 25 years of experience helping businesses to evaluate the effectiveness of their practices and procedures, not just in their own organisations, but in associated entities, third parties and supply chains. We have extensive expertise in designing, building, embedding and assessing programmes in line with the standards expected by the SFO, AFA, DOJ and global best practice.

Visit our fraud prevention and anti‑bribery and corruption webpages to learn more about how we support organisations in strengthening their controls, or download free copies of our Frameworks on Preventing Fraud and Framework on Bribery and Corruption below.

work with us