The Crime and Policing Act 2026 introduces one of the most significant changes to corporate criminal liability in recent years. While the Act is primarily associated with fraud and economic crime, it also has important implications for health and safety management and enforcement.
For many organisations, the most significant change is that criminal liability may be attributed through the actions of a wider group of senior managers. This places greater focus on leadership decisions, operational oversight and the management of workplace risks.
In this guide, we explain what the changes mean for health and safety, who could fall within the Act’s definition of a senior manager, and the practical steps organisations can take to strengthen governance, accountability and risk management.
What is Section 250 of the Crime and Policing Act?
Section 250 of the Crime and Policing Act changes how criminal liability can be attributed to companies and partnerships.
The Act states that where a senior manager commits an offence while acting within the “actual or apparent scope of their authority”, “the organisation also commits the offence”.
So, if a senior manager commits a criminal offence while carrying out their role for the organisation, prosecutors may be able to pursue the individual and the organisation itself.
How will Section 250 affect health and safety liability?
Organisations can already be prosecuted directly for breaches of health and safety law under the Health and Safety at Work etc. Act 1974 (HSWA). Employers have a duty under the HSWA to ensure, so far as is reasonably practicable, the health, safety and welfare of their employees. Where that duty is breached, the organisation may face enforcement action and prosecution.
The significance of Section 250 is that it broadens the range of individuals whose actions can expose an organisation to criminal liability. Prior to Section 250, prosecutors seeking to attribute criminal conduct to a company often had to establish that the individual represented the organisation’s “directing mind and will” – normally those at the very top of the business.
Under Section 250, liability can arise through the actions of a wider group of senior managers who play a significant role in making decisions about, or managing, all or a substantial part of the organisation’s activities.
What is a ‘senior manager’ under the Crime and Policing Act 2026?
Section 250(3) of the Crime and Policing Act 2026 defines a senior manager as an individual who plays a “significant role” in either:
- the making of decisions about how the “whole or a substantial part” of the organisation’s activities are managed or organised; or
- the managing or organising of the whole or a substantial part of those activities.
The definition is based on an individual’s role and responsibilities rather than their job title. As a result, it may extend beyond directors and board members to include chief executives, managing directors, operations directors, regional directors, heads of business units and other senior leaders with significant decision-making or operational responsibility.
The phrases “significant role” and “whole or substantial part” are not defined in the Act, so the courts will ultimately determine the meaning. In practice, factors such as the scale of responsibility, decision-making authority and operational control will be relevant.
How does Section 250 impact health and safety liability?
Many health and safety incidents are not simply the result of a worker making a mistake. Investigations often identify underlying organisational factors such as poor planning, inadequate supervision, failures in communication, insufficient resources and weak management oversight.
The Health and Safety Executive’s guidance, HSG245 – Investigating accidents and incidents states that “root causes are generally management, planning or organisational failings”.
Examples may include situations where a senior manager:
- Knowingly allows unsafe working practices to continue
- Ignores repeated reports of significant safety concerns
- Fails to allocate resources necessary to control serious risks
- Prioritises production targets over safe systems of work
- Conceals incidents or dangerous occurrences
- Authorises work without suitable planning, supervision or training.
Where such conduct results in a criminal offence, Section 250 will make it easier to attribute liability to the organisation through the actions of a wider group of senior managers. This means that leadership decisions, governance arrangements and management oversight may receive increased scrutiny during regulatory investigations.
Can organisations still rely on a ‘reasonably practicable’ defence?
Under the HSWA, employers must ensure, so far as is reasonably practicable, the health, safety and welfare of their employees. Compliance is often demonstrated through evidence such as risk assessments, policies, training records, supervision arrangements and audit findings that show the organisation took reasonably practicable steps to manage risk.
Section 250 does not change those duties, but it does not contain separate defence based on having reasonable, adequate or effective procedures in place. So, although robust policies, procedures and records remain essential, they may not prevent organisational liability arising from the criminal conduct of a senior manager.
How can organisations prepare for Section 250?
Section 250 reinforces the importance of clear accountability, effective oversight and informed decision-making across the organisation. Here are some ways to prepare:
Identify who could be a senior manager
The first step is to identify which individuals may fall within the definition of a senior manager under Section 250.
This may include operational leaders, regional managers, heads of departments, business unit leaders and others with significant decision-making authority. While these individuals may not be health and safety specialists, their decisions can have a direct impact on how workplace risks are managed.
Consider:
- Who has authority over a significant part of the organisation’s operations?
- Who controls major budgets or resources?
- Who makes decisions about how work is organised, managed or supervised?
- Who can approve, defer or reject significant operational changes?
- Who is responsible for responding to serious incidents, enforcement notices or regulatory investigations?
The focus should be on actual responsibilities and decision-making authority rather than job titles alone.
Strengthen governance and oversight
Section 250 places greater emphasis on how significant decisions are made and overseen within an organisation. As a result, governance arrangements should support effective scrutiny, accountability and risk management.
Practical actions may include:
Reviewing delegated authority frameworks
Clearly define and document who has authority to make health and safety decisions. This should include which decisions can be made at a local level and which must be approved or escalated to more senior management.
Clarifying accountability for high-risk activities
Ensure there is clear ownership of significant health and safety risks. Individuals should understand which risks they are responsible for managing and what is expected of them.
Strengthening escalation procedures for significant risks
Establish clear processes for escalating serious hazards, incidents, compliance concerns or resource issues. Senior managers should be informed promptly when risks require additional resources, intervention or strategic decisions.
Ensuring major health and safety decisions are formally reviewed
Decisions with significant safety implications should be subject to appropriate review and challenge. Organisations should be able to demonstrate how key decisions were considered, approved and communicated.
Establishing clear routes for reporting concerns
Ensure employees and managers can raise health and safety concerns easily and confidently. Reporting arrangements should support the early identification and resolution of issues before they escalate.
Regularly reviewing incident trends, audits and risk data at a senior level
Use incident data, audit findings and other management information to identify recurring issues, emerging risks and areas requiring attention. Reviews should focus on understanding underlying causes and ensuring corrective actions are effective.
Provide training and raise awareness
Senior managers make important decisions about resources, staffing, maintenance, procurement, production schedules and operational priorities. Understanding the potential health and safety implications of those decisions can help ensure risks are managed effectively.
Organisations should ensure that senior managers understand:
- How operational and commercial decisions can affect workplace health and safety
- The circumstances in which their actions could expose the organisation to liability under Section 250
- Their role in identifying, managing and escalating significant risks
- When specialist health and safety advice should be sought
- The importance of balancing operational objectives with health and safety requirements
Training should focus on practical decision-making and accountability, helping senior managers understand how their actions can influence both safety outcomes and organisational liability.
Strengthen health and safety compliance with IOSH Managing Safely
The Crime and Policing Act 2026, Section 250 brings greater scrutiny to leadership decisions that affect workplace health and safety. Our IOSH Managing Safely course supports compliance by ensuring senior managers have a practical understanding of workplace health and safety, including how to identify and control risks, fulfil their responsibilities and make safer decisions.
We deliver IOSH Managing Safely in a range of formats to suit your organisation:
- eLearning – complete online via our learning platform or through your own LMS as a SCORM package
- Virtual classroom – live tutor-led training delivered over three days via Microsoft Teams
- Face-to-face – delivered at your premises by an experienced IOSH-approved trainer
Find out about IOSH Managing Safely on our website or contact our friendly team on 0203 011 4242 / [email protected]
