SFO unveils 2025-26 plan to combat financial crime

The UK’s Serious Fraud Office (SFO) has published its Business Plan for 2025-26 (the Business Plan), marking the second year of its five-year strategy to fight complex financial crime. With a renewed emphasis on speed, pragmatism and technology, the SFO aims to build on its recent progress and reinforce the UK’s reputation as a safe business harbour. This comes at an important time for corporate crime enforcement, as the US rows back from its prior vigorous enforcement of the Foreign Corrupt Practices Act.

 

Recent developments

With Nick Ephgrave at the helm since September 2023, the SFO has taken a more a proactive approach to enforcement, including opening eight new investigations; listing five cases for trial in 2026; and obtaining an unexplained wealth order in January 2025. The SFO's recent charge of an insurance broking firm with failure to prevent bribery in connection with alleged payments to Ecuadorian officials is a case which, if it proceeds to trial, would mark the first time a corporate “failure to prevent" charge is heard before a jury.

In a push to drive more corporate self-reporting, the SFO has published updated guidance on corporate self-reporting and cooperation.

For the first time, the SFO has stated explicitly that where a corporate self-reports suspected wrongdoing and fully cooperates, it can expect to be invited to negotiate a Deferred Prosecution Agreement (DPA) rather than face prosecution (unless exceptional circumstances apply). Notably, however, the SFO has also made clear that a DPA may still be available even where no self-report is made, provided the company subsequently demonstrates significant cooperation – a development that could shift incentives away from early disclosure as a “wait and see” approach could deliver the same results as an early self-report.

The guidance outlines a streamlined process which includes:

• contact within 48 business hours;
• a decision on whether to investigate within six months; and
• a target to conclude DPA negotiations within six months of an invite.

The new guidance also offers clarity on what the SFO views as “genuine cooperation”, including early engagement on internal investigations, prompt disclosure of facts, and preservation of material. Corporates are encouraged to avoid jurisdictional “forum shopping”, engage transparently, and where appropriate, consider waiving legal privilege to expedite resolution.

Boards now have clear incentives and timelines to consider when alerted to potential misconduct. This “offer” from the SFO represents an opportunity for proactive engagement – but also underlines the need for careful consideration and corporate readiness for these worse case scenarios.

Collectively, these developments underscore a shift towards more assertive and wide-reaching enforcement – a direction that informs the priorities outlined in the Business Plan.

We set out below our insights on the SFO's key objectives.

1. Enforcement and prevention in combatting crime: Full deployment of Failure to Prevent Fraud (FTPF)

On 1 September 2025 the much-anticipated FTPF offence under the Economic Crime and Corporate Transparency Act 2023 comes into force with the aim of targeting economic crime at an organisational level. The SFO is working to publish refreshed corporate guidance to support this and press ahead with policy reform. This approach contrasts sharply with recent developments in the US, where the administration has paused enforcement of the Foreign Corrupt Practices Act (FCPA) to “reduce regulatory burdens” on American businesses. An Executive Order issued in February 2025 suspends FCPA enforcement and mandates a review of past cases, signalling a divergence in international enforcement trends. Against this backdrop, UK-based organisations should not assume a softening of standards at home – large organisations should ensure their “houses are in order” and implement reasonable fraud prevention procedures – see our ECCTA Hub for details.

2. Whistleblower incentivisation scheme

Plans to introduce a whistleblower incentivisation scheme, modelled on the US Dodd-Frank framework, have been confirmed as one of the SFO's priorities for 2025-26. Such schemes involve rewarding individuals who report corporate crime within their organisation, particularly where their information leads to enforcement action. The significance of this development lies in its potential to transform the UK's enforcement capabilities by generating higher-quality intelligence and deterring wrongdoing.

In the US, the Securities and Exchange Commission (SEC) has operated a successful whistleblower programme since 2011, with payouts ranging from 10% to 30% of monetary sanctions collected, when the sanctions exceed USD1 million. The Department of Justice has also launched a three-year pilot Corporate Whistleblowing scheme, further embedding financial incentives into enforcement strategy. Notably, a USD279 million award was granted to a whistleblower in 2023 – the SEC's largest to date – but only 0.5% of whistleblowers receive financial rewards, countering the perception that these schemes are overly generous.

A recent report by the Royal United Services Institute (RUSI), commissioned by the Serious Organised Crime and Anti-Corruption Evidence Programme, has added weight to the case for the reform. RUSI urged the UK to break its “long-held antipathy” towards paying whistleblowers and argued that a formal UK scheme could play a “pivotal role” in reducing economic crime, particularly by attracting“insiders” with first-hand evidence. RUSI's report also emphasised that effective schemes depend on strong protections against retaliation, credible regulators, and careful design – including the creation of an Office of the Whistleblower to manage operations.

It seems that, in the wake of the US pilot rewards programme for non-US whistleblowers introduced last year, the momentum has grown prompting renewed calls for a similar approach in the UK. The SFO has submitted a proposal to government setting out how a UK whistleblower reward scheme could work and continues to press the case publicly, with Nick Ephgrave describing UK whistleblowers' current tendency to report through US channels as “brain drain”, urging reform to ensure that enforcement benefits are retained within the UK. A private member’s bill to establish an independent Office of the Whistleblower is now before parliament, due for its second reading in the Commons later this month, and the Home Office recently appointed leading barrister Jonathan Fisher KC to review incentives for whistleblowers as part of its broader fraud reform.

While specific details of the UK model are yet to be finalised, and key difficulties remain to be managed, its inclusion in the SFO Business Plan signals a clear shift towards intelligence-led enforcement, with whistleblowers increasingly recognised as key contributors to economic crime detection and the SFO leadership comparing them to “key holders” who know where the evidence lies. The SFO’s proposed “payment by results” model has alignment with certain international practices – rewards would be contingent on conviction or sanction, and the scheme could either be embedded within the SFO or delivered via a new centralised body. In turn it ought to act as an even bigger incentive for UK companies to create an environment and culture where genuine concerns are raised and investigated internally before any external examination.

3. Leveraging technology: Driving efficiency through innovation

Following successful pilots, the SFO says it will roll out Technology Assisted Review, expected to cut disclosure review time by up to 40%. Such technology has been used by authorities overseas and in corporate criminal defence for very many years, and may be seen as a sign of the SFO moving towards rather than advancing modern standards. The delivery of a new case management system and data-driven review platform designed to improve workflow and case progression are also reported as being central to modernising the SFO's operations. Any improvement to the current timescales experienced in serious and complex cases is a cause for optimism.

Other technology priorities include:

• a comprehensive tech audit and updated roadmap for AI integration;
• enhancements to intelligence analysis and data fusion tools;
• implementation of enterprise resource planning systems and secure-by-design technology; and
• strengthening crypto asset investigation capabilities.

4. Strengthening engagement with the justice system: Enhancing domestic and international collaboration

Global collaboration remains a core pillar of maintaining the UK's reputation as a good place to do business. The SFO recently co-founded a new anti-bribery and corruption taskforce with enforcement bodies in France (Parquet National Financier) and Switzerland (Office of the Attorney General of Switzerland). Additionally, across 2025-26, the SFO will:

• prepare for the UK’s Financial Action Task Force inspection in 2027;
• host an international economic crime event in 2026-2027;
• strengthen relationships with private sector actors via a prevention programme;
• expand secondment programmes with partner agencies; and
• actively contribute to progressing the disclosure reform and further reforms of the criminal justice system. 

5. Developing people: Specialist skills and inclusivity

The SFO acknowledges the need for attracting and retaining a highly skilled workforce to meet evolving challenges. Therefore, workforce development is one of the key objectives for the SFO. As part of these efforts, the SFO will:

• launch its People Strategy and develop career pathways for critical roles;
• implement an Equity, Diversity and Inclusion plan; and
• upskill managers in employee development.

 

What this means for companies 

The Business Plan embodies the SFO’s shift toward a more agile, outward-facing and technologically enabled enforcement agency. The focus on legislative changes indicates a shift towards proactive prevention and corporate accountability. By integrating advanced technologies like AI, the agency aims to address the increasing complexity and volume of data in financial crime cases efficiently. Enhanced international collaboration is crucial, given the borderless nature of financial crimes, and the emphasis on workforce development will seek to ensure that the SFO is well-equipped to tackle emerging challenges.

Companies operating in high-risk sectors (like financial and professional services, technology, construction and infrastructure, energy, natural resources and commodities trading, for example) should expect a more assertive enforcement landscape, particularly with the expansion of corporate liability through the FTPF offence.

Boards should review internal fraud controls and whistleblower procedures in anticipation of increased scrutiny and enforcement. Now is also the time to revisit engagement strategies with enforcement bodies and ensure readiness for upcoming changes in disclosure and case management protocols. Structured discussions with those with risk management oversight are necessary to plan carefully for these business-critical events. The success of these initiatives will depend on effective implementation and the ability to adapt to the dynamic landscape of financial crime.

As the SFO consolidates its new direction, businesses should stay alert to further policy developments and the possible introduction of financial incentives for whistleblowers – a move that could significantly reshape the UK’s economic crime enforcement environment.