Legal Precedents

1 Introduction 1.1 This Guide outlines our organisation’s approach to decision-making and includes: 1.1.1 the reasons we have introduced a Decision-making framework 1.1.2 how we approach decision-making 1.1.3 when the Decision-making framework should be applied 1.1.4 which decision-making tools are available to support you 2 Why do we have a Decision-making framework? 2.1 Our Decision-making framework offers a clear and structured method to follow, helping us to make sound business decisions that align with our organisational goals......

This Precedent assists in determining decision-making authority for each and every area of your organisation...

1 Your details Full name [ enter name ] Position [ enter role ] Department [ enter department ] Date [ enter date ] 2 Decision details What outcome must we decide upon at this stage? By which date is a final decision required......

STOP PRESS: On 19 June 2025, the Data ( Use and Access) Bill secured Royal Assent, transforming into the Data ( Use and Access) Act 2025 ( DUAA 2025), with partial commencement on that very same day. A number of DUAA 2025 provisions, covering areas like handling data subject access requests and granting powers to make additional regulations, took effect immediately on 19 June 2025. Other related provisions, relating to Information Commissioner notices and certain aspects of law enforcement processing, commenced on 19 August 2025 (being two months from the date of Royal Assent). The majority of DUAA 2025’s measures still require further regulations, in the form of statutory instruments, to be made in order to bring them fully into force. Parts 5 and 6 of DUAA 2025 serve to amend several facets of data protection and e Privacy law in the UK,...

STOP PRESS: On 19 June 2025, the Data ( Use and Access) Bill secured Royal Assent, becoming the Data ( Use and Access) Act 2025 ( DUAA 2025), with partial commencement on that date. In force from 19 June 2025: provisions on handling data subject access requests and the granting of powers to make further regulations. In force from 19 August 2025 (two months after Royal Assent): measures relating to notices from the Information Commissioner and certain aspects of law enforcement processing. The majority of DUAA 2025’s measures will commence only when further regulations, in the form of statutory instruments, are made. Parts 5 and 6 of DUAA 2025 amend elements of UK data protection and e Privacy law, including the United Kingdom General Data Protection Regulation, Assimilated Regulation ( EU) 2016/679 ( UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic...

Precedent compliance declaration register You should request that staff sign a statement confirming they have received, read and grasped your policies and procedures and, where relevant, taken the linked training. This Precedent compliance declaration register enables you to record who within your organisation has received, read and understood your policies, and who has or has not completed training. It can also be used to identify members of staff who have yet to sign a compliance declaration. Please click to access the register. Please note that the register is produced in Excel and therefore cannot be downloaded into Word......

1 [ Insert policy name, eg anti-bribery and corruption ] compliance declaration [ Insert organisation’s name ] maintains a zero-tolerance policy towards [ insert subject, eg bribery and corruption ]......

1 Prevention of fraud For the purposes of this clause 1: the terms ‘ Associated With’, ‘ Fraud Offence’ and ‘ Prevention Procedures’ shall be interpreted in accordance with Part 5 of the Economic Crime and Corporate Transparency Act 2023 ( ECCTA 2023) and any guidance issued under it; Corporate Failure to Prevent Fraud Offence means an offence under section 199 of ECCTA 2023 [ together with any other applicable United Kingdom laws, legislation, statutory instruments and regulations relating to failure to prevent fraud ] [ and any similar or equivalent laws in any other relevant jurisdiction [ including [ specify ] ] ]; Policies means the Customer’s anti‑fraud policies as set out in Schedule [insert], as amended by the Customer and...

This survey aims to gauge knowledge and comprehension of our [ insert, eg fraud risk management or financial crime compliance ] policies and procedures, helping us evaluate the overall effectiveness of our controls in this area. Kindly respond honestly, as we [ will OR may ] rely on the survey outcomes to shape a review of our policies and training arrangements. Please tick your chosen answer, and add explanations where suitable. Once you have finished this survey, in full, please return it to [ insert name ]......

1 General information Date of this report: [ Insert date ] Date of the previous report: [ Insert date ] Name and status of person submitting report: [ Insert name and status, eg Head of risk ] 2 Action points arising from last report Action point: [ Action point ] Person responsible: [ Identify person responsible for this action point ] Status: [ Insert status ] Action point: [ Action point ] Person responsible: [ Identify person responsible for this action point ] Status: [ Insert status ] ...

Date: [ insert date ] From: [ Insert name and job title ] Official statistics indicate that fraud is the most prevalent offence in the UK. As an organisation, we could be exposed to fraud unless we treat the risk with care and prudence. Managing this risk seriously and sensibly is essential to protect our business. We also face liability for the corporate offence of failure to prevent fraud carried out for our benefit, introduced by the Economic Crime and Corporate Transparency Act 2023 ( ECCTA 2023) and effective from 1 September 2025, which carries severe penalties. This offence operates alongside existing fraud law, so the individual who committed the fraud can be prosecuted personally for the fraud, while our organisation is prosecuted for failing to prevent it. Our fraud risk management policy and associated procedures are our first line of defence, both in...

[ Insert organisation name ] is proud of how we conduct our business. Our Code of ethics sets out the standards and policies that govern our operations and applies to everyone. Please read the Code carefully, make sure you understand it, and use it to guide your work. If you have any queries about the Code or its application, please speak with [ insert contact details ]. 1 What is fraud? 1.1 In broad terms, fraud is a criminal act involving deception or theft to secure an advantage. 1.2 The failure to prevent fraud offence under the Economic Crime and Corporate Transparency Act 2023 ( ECCTA 2023) covers a wide range of fraud offences carried out for the benefit of our organisation, including: fraud by false representation fraud by failing to disclose information fraud by abuse of position obtaining services...

1 Pandemic management team and strategy Action point: Nominate an individual to head the Pandemic management team ( Pandemic management co-ordinator) and set out their remit clearly. Owner: [ Insert name or role of owner of this action point ] Status and comments: [ Confirm status and add comments as required ] Action point: Form a Pandemic management team with representatives from: senior leadership; finance; business units; human resources; business continuity; risk management; [ real estate OR property ] management; facilities management; communications; legal. Owner: Pandemic management co-ordinator Status and comments: [ Confirm status and add comments as required ] Action point: Specify the duties and...

1 Introduction 1.1 A pandemic refers to the global spread of a new illness. A viral pandemic occurs when a novel virus emerges and transmits across countries, with most people having no immunity. Examples include the 2009 H1N1 influenza pandemic and the Coronavirus ( COVID-19) pandemic from 2020 onwards. 1.2 This pandemic management strategy details [ insert company name ]’s approach to managing a pandemic. The effects of outbreaks on individuals, organisations and wider society can be reduced through effective readiness. This requires a comprehensive plan that is regularly reviewed and refined. 1.3 In light of potential pandemic threats, [ insert company name ] continually monitors risks in the countries where [ insert company name ] already operates. In addition, [ insert company name ] has developed a high-level pandemic management strategy, outlined in this document. 2 Pandemic management team 2.1 A Pandemic management team has been created [ for each...

The issue Sadly, pandemics trigger spikes in criminal online activity; such crises give fraudsters a hook to target people across the globe. As many of us work remotely, we must stay alert to cyber-attacks against both home and workplace systems. Throughout the coronavirus pandemic, criminals are exploiting the situation to pose as local or national governments, regional or global health organisations, and trusted news outlets. Beyond phishing emails, they are also using: text messages to mobiles claiming to be from official bodies, e.g. the UK Government; bogus pandemic-themed websites that deliver malware and malicious apps; impostors pretending to be VPN or portal support to harvest employee credentials. What we need from you It remains essential to use only standard procedures and company-issued IT tools during a pandemic. Any variations to our processes must be fully recorded, reviewed and approved by...

These guidance notes sit alongside our CDD customer risk assessment form and outline the points you ought to weigh up for every section. Instructions for completion When must this form be completed? Complete this form for every new customer [ to whom our AML, CTF and counter-proliferation financing policy applies. If you are uncertain whether the policy is in scope, please obtain advice from [ state who ] ] ......

1 Anti-tax evasion facilitation Defined terms take their meanings from Part 3 of the Criminal Finances Act 2017. Corporate Failure to Prevent Tax Evasion Facilitation Offence means offences under sections 45 and/or 46 CFA 2017. Policies are the Customer’s anti‑tax evasion facilitation policies. Supplier Associated Person means the Supplier’s officers, employees, agents, subcontractors, subsidiaries, and persons Associated With them involved in the Services or this Agreement. The Supplier shall ensure neither it nor any Supplier Associated Person commits, causes or facilitates any UK or Foreign tax evasion offence, or the corporate failure to prevent offence, and shall not solicit such conduct in connection with the Services or this Agreement. The Supplier shall comply with the Policies and ensure Supplier Associated Persons do so; maintain reasonable Prevention Procedures; implement top‑level endorsed policies; deliver regular training; vet Supplier Associated Persons; keep accurate records of requests, permitted reports,...

This Precedent enables you to record any further steps you must take to mitigate and oversee identified fire risks. It serves as a supplement to Precedent: Fire safety arrangements record and evacuation plan. Select here to access the Precedent. Be aware that this Precedent is supplied as an Excel spreadsheet, therefore it cannot be downloaded into Word in that format......

This corporate criminal liability risk management plan documents the actions we have taken to design and roll out suitable measures to manage corporate criminal liability risks within [ insert organisation name ]. It addresses six key areas: risk assessment; risk-based measures; top-level commitment; due diligence; communication and training; and monitoring and review. 1 Risk assessment Carry out a risk assessment. Action Comment □ Pinpoint senior managers and define the breadth of their authority. [ Add any notes you wish to include in connection with this action point ] □ Examine governance processes. [ Add any notes you wish to include in connection with this action point ] □ Evaluate the offences encompassed by corporate criminal liability provisions. [ Add any notes you wish to include in connection with this action point ] □ Review day-to-day operational risk factors, eg around senior...

Date: [ insert date ] 1 Introduction The Economic Crime and Corporate Transparency Act 2023 ( ECCTA 2023) aims to bolster the UK’s response to economic wrongdoing. It is designed to strengthen the UK’s fight against economic crime. A standout change for commercial organisations is the broadened basis on which companies can be criminally liable for misconduct by senior managers, extending corporate responsibility for their actions. 1.1 What’s the issue? Since 1971, the courts’ identification doctrine has set the test for treating a natural person’s actions and state of mind as those of a legal person. It has been the principal route for attributing criminal responsibility to corporate bodies. Under this approach, only when the ‘directing mind and will’ of a company committed the offence could liability attach to the corporate itself; in practice, this largely captured the managing director or owner when actively running the...