CoverProof
Start analysis
Role Guide

Section 250 and Your Board Liability as CEO

Section 250 of the Crime and Policing Act 2026 does not just create firm-level obligations. It creates criminal liability for individuals in significant roles who are not properly covered — and it creates board-level liability for CEOs who cannot demonstrate that their firm identified the gap and acted. If the FCA investigates your firm and you cannot produce a documented gap analysis, a declaration cycle, and a timestamped board evidence pack, there is no good-faith defence available.

Start Free Gap Analysis →
TL;DR

Section 250 of the Crime and Policing Act 2026 does not just create firm-level obligations. It creates criminal liability for individuals in significant roles who are not properly covered — and it creates board-level liability for CEOs who cannot demonstrate that their firm identified the gap and acted. If the FCA investigates your firm and you cannot produce a documented gap analysis, a declaration cycle, and a timestamped board evidence pack, there is no good-faith defence available. CoverProof automates the SM&CR gap analysis, zero-login declarations, and PDF/A-3B board evidence pack generation that CEOs need to complete before the June 29, 2026 statutory deadline under Section 250 of the Crime and Policing Act 2026.

Your Section 250 obligations

1

You are responsible for the firm's Section 250 compliance posture

As CEO, the buck stops with you. Your compliance director or CCO may execute the analysis, but you are accountable for ensuring it happens, that it covers the full scope, and that the board formally acknowledges it before the deadline.

2

The "reasonable steps" standard

Section 250 provides no statutory defence. A documented record of reasonable steps is material to prosecutorial discretion — it is the practical protection a firm can point to, but not a statutory shield. A systematic, documented gap analysis with a complete declaration cycle is what creates that record. An oral assurance from your compliance team does not.

3

Board resolution

Your board needs a formal resolution or minute acknowledging the Section 250 gap analysis and confirming that the declaration cycle has been completed. This resolution, timestamped and signed, is the centrepiece of your evidence pack.

Your pre-June 29 checklist

  • Assign Section 250 ownership to your CCO or compliance director
  • Set a hard internal deadline of June 15 (two weeks before the statutory deadline)
  • Receive and sign off on the gap analysis report
  • Confirm that all declarations have been sent and received
  • Formally acknowledge at board level
  • Retain the PDF/A-3B board evidence pack

Common questions

Can I delegate Section 250 compliance entirely to my compliance team?

You can delegate execution, not accountability. As CEO, the board-level obligation is yours. Your compliance team can run the gap analysis and manage the declaration cycle, but you must formally acknowledge the results and ensure the evidence pack is generated and retained.

What is the worst-case outcome if we miss the deadline?

Under Section 250, a senior manager's criminal offence is attributed to the organisation itself — the firm is treated as having committed that offence and, on conviction, is liable to that offence's own penalty (for offences tried on indictment, an unlimited fine; Section 250 does not itself set the penalty). The individual remains liable for the underlying offence they committed. The FCA may also launch a parallel enforcement investigation. Section 250 provides no adequate-procedures defence; your practical protection is a documented, contemporaneous record of the reasonable steps you took.

Give your board certainty. Not a verbal assurance.

CoverProof generates a PDF/A-3B evidence pack (designed for business-record admissibility under CEA 1995 s.8–9) automatically as declarations complete. Your board can download it, sign it, and minute it — before June 29. First gap analysis is free.

Start Free Gap Analysis →