The SFO’s prevention partnership with UK PLC: Balancing collaboration and enforcement

Prevention as partnership: the SFO’s evolving corporate engagement agenda

Ephgrave’s early public remarks signalled a desire to engage more directly with companies and their leadership, positioning prevention as a shared enterprise between the SFO and businesses. In contrast to the SFO’s historic focus on enforcement, the agency now sees a role for itself in actively supporting businesses to identify vulnerabilities, benchmark internal controls and strengthen fraud prevention frameworks.

This shift in tone was reflected in the SFO’s 2024-29 Strategy,¹ which committed the agency to developing new relationships with the private sector as part of its broader mission to protect the UK’s economic integrity. The SFO’s 2025-26 Business Plan² identifies delivery of the prevention programme as one of its core priorities for the year, with a focus on forging “new, powerful relationships with those in the private sector who are committed to playing their part in defending the economy”. The plan also frames this prevention work as integral to supporting the government’s wider growth agenda, recognising that investor confidence depends on strong protections against fraud and financial crime. There is, therefore, a growing recognition that effective prevention requires early dialogue, shared intelligence and a degree of practical support for companies seeking to enhance compliance.

Gallagher framed this approach succinctly:

“We also focus on harm to the public. We also focus on UK regulation and integrity. We’re also focused on the economic prosperity of the UK, and we are very, very keen to collaborate with companies in the private sector to prevent bribery and corruption.”

For corporates, this agenda presents both opportunity and risk. On one hand, early engagement offers access to the SFO’s expertise, insight into emerging fraud trends and a chance to mitigate potential enforcement exposure through stronger controls. On the other, engagement may surface deficiencies that require further investigation or disclosure – and participation itself offers no immunity from prosecution where wrongdoing is uncovered.

Key elements of the SFO’s prevention campaign

The prevention campaign is now taking shape across several practical initiatives:

1. CEO engagement and leadership dialogue

Ephgrave has placed particular emphasis on engaging directly with company leadership, highlighting the importance of board-level commitment to effective compliance. He has spoken publicly of plans to reach out directly to CEOs to encourage robust internal governance and prevention frameworks. He has been engaging directly with senior business leaders, including through roundtables at City law firms. His approach reflects a recognition that cultural tone from the top is central to the effectiveness of any compliance programme.

2. The floated SFO “kitemark” concept

As part of this evolving prevention agenda, Ephgrave floated – in conceptual terms – the idea of a potential SFO “kitemark” for companies which are able to demonstrate strong fraud prevention controls. While this proposal has not developed into any formal programme and may not ultimately be implemented, its mention was symbolically significant. It underscored the agency’s broader ambition to recognise and encourage good corporate governance and signalled a shift in tone towards more constructive engagement with business.

3. Data sharing and risk analysis

The SFO has committed to providing companies with free access to data sharing, trends analysis and risk mitigation training. Gallagher explained that the agency is prepared to share anonymised case information, as well as “horizon scanning” products, to highlight the vulnerabilities that led to bribery and corruption happening in the first place. This intelligence-sharing model aims to support companies in strengthening controls and adapting compliance frameworks to evolving fraud risks.

4. Training and capacity-building

The agency’s 2024-29 Strategy includes plans to formalise a specialist training offer, including for corporate partners. Gallagher confirmed that companies would be offered access to events and training aimed at helping in-house teams identify and mitigate bribery and fraud risks.

5. Early dialogue and self-reporting

The SFO’s updated corporate cooperation guidance (which we addressed in this article) places particular emphasis on early, proactive engagement where issues are identified internally. The agency has sought to clarify its expectations around self-reporting, evidence preservation and cooperation, signalling that companies willing to engage promptly and transparently are more likely to receive credit in any subsequent resolution process.

6. Balancing “the carrot and the stick”

As Gallagher put it, the SFO’s approach is designed to strike a balance between the “carrot and the stick” as part of the UK’s growth agenda – “If you’re not part of the solution, you may well be part of the problem.” In a particularly memorable metaphor, he likened effective compliance controls to brakes on a car: “Brakes on a car are not necessarily there to slow you down. In fact, they’re there to make you go faster. Without correct checks and compliance, any organisation can drive recklessly. Some may get to their destination safely, but others run a high risk that they won’t.”

The parallel expansion of corporate criminal liability

While the SFO’s prevention campaign presents a clear opportunity for constructive engagement, it unfolds against a parallel expansion in corporate exposure.

Under the new failure to prevent fraud regime (in force from September 2025), large companies will face strict liability where associated persons commit fraud for the company’s benefit unless the company can demonstrate that it had reasonable prevention procedures in place. This broadens the potential scope of exposure considerably, encompassing conduct by employees, agents, subsidiaries and others acting on behalf of the business.

At the same time, Ephgrave has made clear that the SFO remains committed to more assertive enforcement action where standards fall short. The Director has publicly committed to increasing the pace of investigations, deploying more dawn raids and making full use of the agency’s enhanced legal powers.

Political context: growth ambitions and market integrity

The SFO’s repositioning also reflects the broader political backdrop. The UK government continues to prioritise economic growth and competitiveness, particularly in emerging sectors such as AI and crypto-assets. Gallagher noted that “economic growth is the no.1 mission of the government”. However, ministers have been equally clear that this growth must not be undermined by unchecked financial crime, with Gallagher adding that “the cost of fraud and corruption to companies can be significant, not just financially through financial penalties, impacted shareholder value, legal costs and potential debarment from obtaining government contracts, but also in reputational damage”.

The SFO’s prevention campaign sits directly at this intersection: offering companies additional support in strengthening controls while retaining the enforcement tools to intervene where necessary. The message to business is that strong compliance is not a brake on growth but a prerequisite for market confidence.

Conclusion: prevention and enforcement as two sides of the same coin

The SFO’s evolving prevention campaign under Nick Ephgrave represents a meaningful shift in tone, offering companies new avenues to engage constructively with the agency. Early dialogue, shared intelligence and practical support are welcome developments.

But prevention and enforcement remain closely intertwined. The introduction of the failure to prevent fraud offence, combined with the SFO’s stated intent to accelerate enforcement activity, means that corporates must approach engagement with care. Participation in prevention initiatives does not preclude enforcement action where wrongdoing is identified. Early dialogue may engage sensitive questions around privilege, internal investigations and the extent of any self-reporting. In that context, it remains to be seen whether companies will be willing to invite the SFO to review their compliance frameworks and provide input.

If you would like guidance or support regarding the SFO’s new prevention campaign, please get in touch with our team today.

Authored by Liam Naidoo, Claire Lipworth, Olga Tocewicz, and Reuben Vandercruyssen.