CoverProof
Role Guide

Section 250 and Your Board Liability as CEO

Section 250 of the Crime and Policing Act 2026 creates corporate attribution risk where a senior manager commits an offence within actual or apparent authority. CEOs need to be able to demonstrate that the firm identified the gap between SM&CR-mapped roles and the wider s.250(3) functional-test population, then acted on it. If the FCA investigates your firm and you cannot produce a documented gap analysis, a declaration cycle, and a timestamped board evidence pack, there is no adequate-procedures defence available under s.250.

Start Free Gap Analysis →
TL;DR

Section 250 of the Crime and Policing Act 2026 creates corporate attribution risk where a senior manager commits an offence within actual or apparent authority. CEOs need to be able to demonstrate that the firm identified the gap between SM&CR-mapped roles and the wider s.250(3) functional-test population, then acted on it. If the FCA investigates your firm and you cannot produce a documented gap analysis, a declaration cycle, and a timestamped board evidence pack, there is no adequate-procedures defence available under s.250. CoverProof automates the SM&CR gap analysis, zero-login declarations, and PDF/A-3B board evidence pack generation that CEOs need to complete before the June 29, 2026 statutory deadline under Section 250 of the Crime and Policing Act 2026.

Your Section 250 obligations

1

You are responsible for the firm's Section 250 compliance posture

As CEO, the buck stops with you. Your compliance director or CCO may execute the analysis, but you are accountable for ensuring it happens, that it covers the full scope, and that the board formally acknowledges it.

2

The evidential record

Section 250 provides no statutory defence. A documented record of reasonable steps is material to prosecutorial discretion — it is the practical protection a firm can point to, but not a statutory shield. A systematic, documented gap analysis with a complete declaration cycle is what creates that record. An oral assurance from your compliance team does not.

3

Board resolution

Your board needs a formal resolution or minute acknowledging the Section 250 gap analysis and confirming that the declaration cycle has been completed. This resolution, timestamped and signed, is the centrepiece of your evidence pack.

Your pre-June 29 checklist

  • Assign Section 250 ownership to your CCO or compliance director
  • Set a hard internal deadline for any outstanding declaration chase
  • Receive and sign off on the gap analysis report
  • Confirm that all declarations have been sent and received
  • Formally acknowledge at board level
  • Retain the PDF/A-3B board evidence pack

Common questions

Can I delegate Section 250 compliance entirely to my compliance team?

You can delegate execution, not accountability. As CEO, the board-level obligation is yours. Your compliance team can run the gap analysis and manage the declaration cycle, but you must formally acknowledge the results and ensure the evidence pack is generated and retained.

What is the worst-case outcome if we have no Section 250 record?

Under Section 250, a senior manager's criminal offence is attributed to the organisation itself — the firm is treated as having committed that offence and, on conviction, is liable to that offence's own penalty (for offences tried on indictment, an unlimited fine; Section 250 does not itself set the penalty). The individual remains liable for the underlying offence they committed. The FCA may also launch a parallel enforcement investigation. Section 250 provides no adequate-procedures defence; your practical protection is a documented, contemporaneous record of the reasonable steps you took.

Give your board certainty. Not a verbal assurance.

CoverProof generates a PDF/A-3B evidence pack designed for business-record admissibility automatically as declarations complete. Your board can download it, sign it, and minute it as part of the current governance record. First gap analysis is free.

Start Free Gap Analysis →