The New Frontiers of Corporate Legal Liability: A Paradigm Shift from Individual Intent to Systemic Accountability

Abstract

Corporate legal liability is undergoing a paradigm shift. The outdated “identification principle”, which struggled to hold modern, decentralised organisations accountable, is being replaced by a more robust “failure to prevent” model. This new standard holds corporations liable for systemic and structural deficiencies, not just for an individual’s wrongdoing. Concurrently, new risks are emerging from two fronts: rapid advancements in artificial intelligence (AI) and growing demands for corporate transparency and ethical conduct under Environment, Social, and Governance (ESG) criteria. These trends are interconnected, signalling a future where legal risk is defined by a company’s proactive measures to prevent harm, whether from corruption, environmental damage, or technological misuse. This new era demands a fundamental re-evaluation of corporate governance and accountability.

Introduction

The prosecution of corporations for criminal acts has historically been a significant challenge, often constrained by legal doctrine that predated the complexities of the modern global enterprise. A cornerstone of common law, the “identification principle”, stipulated that a corporation could only be found criminally liable for the offence. While this approach served as a foundational legal tenet for many years, it proved increasingly ill-suited to the diffuse and decentralised nature of modern organisations, where decision-making authority is often difficult to trace to a single individual. As a result, many corporate wrongdoings went unpunished.

This article examines a profound and fundamental transformation underway in corporate legal accountability. A global paradigm shift is dismantling the traditional model and forging a new, more robust standard of corporate responsibility. This shift is characterised by a move from punishing a wrongful act to penalising a failure to prevent such an act. This evolution holds companies accountable for systemic and cultural deficiencies rather than for the actions of a single rogue employee.

The legal landscape is moving towards a framework of systemic accountability; a fundamental paradigm shift is being accelerated by the convergence of legislative reform and the emergence of new, technology-driven, and ESG-related legal risks. These two trends are fundamentally interconnected, signalling a future where corporate legal risk is defined less by isolated, wrongful acts and more by a company’s proactive measures to prevent harm. This new era of legal scrutiny demands a fresh analytical approach and represents a fertile ground for in-depth research and legal commentary.

The Evolving Doctrine of Corporate Criminal Accountability

The traditional “identification principle” was a cornerstone of corporate criminal law, but its failure to address institutional shortcomings meant that proving the necessary mens rea for the corporation was nearly impossible. In response, a new model of corporate accountability is gaining global traction: the “failure to prevent” offence. This legislative approach bypasses the difficult task of linking an act to a “directing mind” and instead holds a company strictly liable for a crime committed by an “associated person”. The corporation can avoid liability only by proving that it had an “adequate procedure” in place to prevent the wrongdoing. This fundamentally shifts the legal burden from the prosecution to the corporation itself, which must now demonstrate a proactive commitment to due diligence and a culture of compliance. This paradigm shift marks a move from a reactive, punishment-based model to a proactive, prevention-based one, seeking to change corporate behaviour from within.

South Africa provides a compelling, real-world example of this legal evolution. The country’s Judicial Matters Amendment Act introduced a new provision, Section 34A, into the Prevention and Combating of Corrupt Activities Act (PRECC).[1] This new offence directly embodies the “failure to prevent” model, imposing strict liability on companies for corrupt acts by an “associated person”. This legislative change was a direct result of the recommendations from the Judicial Commission of Inquiry into Allegations of State Capture, Corruption and Fraud, also known as the Zondo Commission.[2] The commission’s report exposed widespread bribery and a culture of corruption, motivating a legal change designed to prevent such activities in the future by forcing companies to adopt a proactive stance on compliance.[3]

The offence is a criminal one, and a company can be found guilty even if it did not know about the bribe. The “associated person” is defined broadly to include employees and independent contractors, suppliers, joint venture partners, distributors, and other third-party entities who perform services for or on behalf of the company. This broad scope fundamentally alters a corporation’s legal and due diligence responsibilities, as it is now liable for the actions of a wide range of individuals and entities beyond its immediate employee base.

The only available defence for a company facing a Section 34A charge is to prove that it had “adequate procedure” in place to prevent the bribery from occurring. A critical challenge for companies operating in South Africa is that the law does not currently provide any guidance or regulations on what constitutes “adequate procedures”. In this legal vacuum, a new legal imperative has emerged.[4]

The South African law was explicitly modelled on the UK Bribery Act 2010.  In the absence of domestic guidance, South African legal experts and businesses are turning to the UK’s legal framework for best practices and principles. This direct reliance on foreign guidance creates a de facto harmonisation of legal standards. Companies seeking to comply with South African law must, by necessity, implement procedures based on UK legal guidance, effectively making transnational legal standards a reality even without formal international treaties. This convergence underscores the importance of a proactive, due diligence-centric approach to compliance, as outlined in the UK’s six principles for preventing bribery: proportionate procedures, top-level commitment, risk assessment, due diligence, communication, and monitoring and review. [5]

The legal paradigm shift is not unique to South Africa. The UK’s new Economic Crime and Corporate Transparency Act 2023 (ECCTA) has reformed the law of corporate criminal attribution and introduced a new offence of “corporate failure to prevent fraud”.[6] The new offence applies to “large” bodies corporate and partnerships, making them criminally liable for the acts of a person “associated with them” is similarly broad, extending to employees, agents, distributors, and joint venture partners. This new UK offence, like South Africa’s PRECCA Section 34A, solidifies the “failure to prevent” model as a dominant global legal standard.

The ECCTA includes a defence for organisations that can prove they had “reasonable prevention procedures” in place. It will come into force six months after the government publishes statutory guidance, which is expected to follow the six principles of compliance applicable to the Bribery Act. This demonstrates a clear global trend toward holding corporations accountable for systemic failures and the “fundamental integrity of their internal systems and corporate culture” rather than relying on the actions of a single individual. The following table provides a comparative analysis of these evolving doctrines.

New Fronts in Corporate Legal Risk: Technology and Sustainability

The legal landscape is also being reshaped by the intersection of sustainability and societal demands. The rise of ESG has created a new legal frontier: “greenwashing.” This is the deceptive practice of making a company or its products appear more environmentally friendly or sustainable than they are, a practice that has evolved from a mere reputational risk to a full-blown legal one. The impetus for litigation is driven by heightened consumer concern, the rise of watchdog organizations, and a growing regulatory focus. [8]

A landmark ruling by the South African Advertising Regulatory Board (ARB) found the energy company TotalEnergies guilty of misleading sustainability advertising. The complaint, filed by a campaign group, argued that TotalEnergies’ claims about its commitment to sustainable development and environmental protection were “false and misleading.” The ARB’s decision set a crucial precedent for consumer protection, affirming that companies cannot mask their harmful environmental practices with misleading claims.[9]

A critical aspect of this ruling is its demonstration of the ARB’s de facto legal authority. The ARB is a self-regulatory, membership-based body, and while TotalEnergies is not a member , the ARB’s decision is binding on its members, which include broadcasters and other entertainment companies. As a result, the ARB instructed its members “not to accept any advertising from the Advertiser with the wording ‘committed to sustainable development’.” This creates a powerful commercial consequence.[10] Even without direct legal jurisdiction over the offending company, the ARB can effectively remove a misleading ad from the market by leveraging its authority over media members. This mechanism demonstrates how non-state actors can create significant legal and commercial pressure, a vital consideration for modern corporate compliance.

The rapid rise of Artificial Intelligence is creating new, complex legal questions that traditional laws are ill-equipped to handle. The “black box” nature of AI algorithms complicates legal concepts based on human action and intent, posing novel issues in product liability cases and forcing the law to adapt in real-time.

A central area of conflict is intellectual property (IP) law, which is grappling with two major issues: infringement from training data and the copyrightability of AI output.[11]

The first issue concerns the legality of using copyrighted material to train AI models. A wave of class-action lawsuits alleges that the ingestion of massive amounts of copyrighted material constitutes unauthorised copying.[12] A key legal development in this area stems from a federal judge’s ruling in a case against the AI company Anthropic. The judge made a crucial distinction: while the act of using copyrighted works to train AI was considered “fair use” because it was a “quintessentially transformative” process, the company’s act of illegally acquiring the books from “pirate websites” was not legally defensible. This ruling establishes a critical legal precedent: the legality of using training data hinges not just on the purpose of its use but on the legality of its sourcing. The $1.5 billion settlement by Anthropic, the largest copyright recovery in history, serves as a powerful, real-world consequence for failing to implement robust due diligence on the data supply chain.[13]

The second issue is the copyrightability of AI-generated content. The U.S. Copyright Office has been clear that “human authorship is a bedrock requirement of copyright.” However, South Africa’s legal framework offers a more progressive, albeit complex, alternative . The South African Copyright Act defines the “author” of computer-generated works as the person who made the “necessary arrangements for the creation of the work.” This provision suggests that if a human exercises “sufficient control or input” in the generation of a work—for example, through a detailed prompt—they could potentially be considered the author and thus the copyright owner. This legal distinction highlights a significant global legal fragmentation. In this regard, South Africa’s law is more forward-looking than that of the United States, which suggests that companies must navigate a complex, jurisdiction-specific legal landscape. [14]

The use of AI also creates a new due diligence imperative for corporations and law firms, as the use of public AI tools can lead to data breaches and new sources of corporate liability. This links the themes of technology and corporate accountability in a direct, material way. The following table provides a clear, concise overview of the key legal risks posed by AI.

Core Recommendations for Corporate Governance and Compliance

The profound shift to a “failure to prevent” model, coupled with new ESG and AI-related legal risks, demands that corporations re-evaluate their compliance strategies. The era of reactive, post-scandal responses is over; a proactive, prevention-based framework is now the legal imperative.

Companies must shift from a reactive to a proactive compliance culture. This means embedding a culture of ethical conduct and due diligence within the very fabric of the organisation. The causal chain is clear: legislative reform creates a strict liability offence; this shifts the legal burden to the corporation; to avoid sanctions, the corporation must implement “adequate procedures”; this, in turn, fosters a proactive, self-policing, anti-corruption culture. The following recommendations provide actionable steps for establishing this new framework.

In the absence of South African-specific regulations on what constitutes “adequate procedures” under PRECCA Section 34A, companies can look to the UK Ministry of Justice’s six principles for anti-corruption programs. These principles promote ethical leadership, risk management, accountability, and transparency:

• Top-Level Commitment: The company’s board of directors should foster a culture where bribery is never acceptable, and senior management should be visibly committed to the anti-bribery program.
• Risk Assessment: Companies should periodically assess their exposure to potential bribery risks. The procedures adopted must be proportionate to the bribery risks they face and the nature, scale, and complexity of their activities.
• Due Diligence: Robust due diligence procedures must be carried out on “associated persons,” including third-party suppliers, agents, and joint venture partners.
• Communication & Training: Anti-bribery policies must be clearly and regularly communicated internally and externally. Companies should also provide training to ensure that all relevant personnel understand their role in implementing the anti-bribery procedures.
• Monitoring and Review: Anti-bribery procedures should be monitored and reviewed periodically to ensure they remain fit for purpose.
• ESG: To mitigate greenwashing risks, organizations should develop internal policies in collaboration with compliance, risk, and sustainability teams. All environmental and sustainability claims must be accurate, verifiable, and based on scientific standards. Companies should also enhance employee awareness of greenwashing risks through training and stay up to date with evolving market practices and regulatory trends.
• AI: The use of generative AI necessitates a new layer of due diligence. Corporations must implement risk mitigation strategies and stay informed about global developments. This includes vetting the data sources of AI models to avoid copyright infringement risks, establishing policies for the “explainability by design” of AI systems, and implementing human oversight to ensure decisions are fair and transparent. The use of public AI tools can lead to new sources of corporate liability and data breaches, creating a critical due diligence imperative.

Conclusion

The analysis of emerging trends in criminal and corporate law reveals a legal landscape in the midst of a profound shift. The traditional “identification principle” is being systematically replaced by a more robust and effective “failure to prevent” model, which holds corporations accountable not for the actions of a single individual but for the fundamental integrity of their internal systems and corporate culture. The legislative changes in South Africa and the evolution of laws concerning corporate manslaughter serve as powerful evidence of this paradigm shift.

Simultaneously, new fronts of legal risk are emerging at the intersection of technology and society. AI and ESG are creating unprecedented challenges to long-standing legal doctrines, forcing a re-evaluation of concepts from liability to due diligence. These two trends, the shift towards systemic accountability and the rise of technology and sustainability as legal battlegrounds, are not isolated events. They are fundamentally interconnected, signalling a future where corporate legal risk is defined less by isolated, wrongful acts and more by a company’s proactive measures to prevent harm, whether it is from corruption, environmental damage, or the misuse of new technologies. This new era of legal scrutiny demands a fresh analytical approach and represents a fertile ground for in-depth research and legal commentary

Reference(S):

Journal Article

AI Regulation in South Africa: Compliance and Governance (Nemko) <https://digital.nemko.com/regulations/ai-regulation-in-south-africa/> accessed 10 September 2025  

An analysis of the failure of a company to prevent bribery under the Prevention and Combating of Corrupt Activities Act (2025) 142 S. African L.J. 347

 Guide/Blog Post

Amazon-backed startup agrees to pay $1.5 billion to authors for using pirated books to train AI, says we remain committed to… (The Times of India) <https://timesofindia.indiatimes.com/technology/tech-news/amazon-backed-startup-agrees-to-pay-1-5-billion-to-authors-for-using-pirated-books-to-train-ai-says-we-remain-committed-to/articleshow/123738016.cms/> accessed 10 September 2025  

News Article

Anthropic agrees to $1.5 billion settlement in largest copyright case (PPC Land, 5 September 2025) <https://ppc.land/anthropic-agrees-to-1-5-billion-settlement-in-largest-copyright-case/> accessed 10 September 2025

Matt O’Brien, Anthropic to pay authors $1.5 billion to settle lawsuit over pirated books used to train AI chatbots (AP Technology Writer, 5 September 2025) <https://apnews.com/article/anthropic-copyright-authors-settlement-training-f294266bc79a16ec90d2ddccdf435164> accessed 10 September 2025  

Bribery Act 2010 (The Law Society) <https://www.lawsociety.org.uk/topics/regulation/bribery-act-2010/> accessed 10 September 2025  

Copyright and artificial intelligence in South Africa: Rethinking authorship and originality in the digital age (Werksmans Attorneys) <https://www.werksmans.com/legal-updates-and-opinions/copyright-and-artificial-intelligence-in-south-africa-rethinking-authorship-and-originality-in-the-digital-age/> accessed 10 September 2025

Professional Body Guide/Website

Bribery in South Africa: Law now puts a duty on companies to act (Corruption Watch) <https://www.corruptionwatch.org.za/bribery-in-south-africa-law-now-puts-a-duty-on-companies-to-act/> accessed 10 September 2025  

Legal Firm Publication

Corporate crime risk – Economic Crime and Corporate Transparency Act (Pinsent Masons) <https://www.pinsentmasons.com/out-law/guides/corporate-crime-risk-economic-crime-and-corporate-transparency-act/> accessed 10 September 2025  

Do non-members of the Advertising Regulatory Board have to comply with its code? (Bizcommunity.com)  <https://www.bizcommunity.com/Article/196/740/208339.html/> accessed 10 September 2025  

Greenwashing and the role of the Advertising Regulatory Board in South Africa (Webber Wentzel) <https://www.webberwentzel.com/News/Pages/greenwashing-and-the-role-of-the-advertising-regulatory-board-in-south-africa.aspx/> accessed 10 September 2025 

 The Economic Crime and Corporate Transparency Act 2023 (ECCTA) (Macfarlanes, 16 June 2025) <https://www.macfarlanes.com/what-we-think/102eli5/the-economic-crime-and-corporate-transparency-act-2023-eccta/> accessed 10 September 2025 

TotalEnergies slapped with historic greenwashing ruling (African L. & Bus., 14 August 2025) <https://www.africanlawbusiness.com/news/21348-totalenergies-slapped-with-historic-greenwashing-ruling/> accessed 10 September 2025   

Business News Article

Generative AI and IP in South Africa: Navigating the legal landscape (ENSafrica) <https://www.ensafrica.com/news/detail/10556/generative-ai-and-ip-in-south-africa-navigati/> accessed 10 September 2025  

Legal Blog/Forum Publication

Navigating an organisation’s obligation to prevent corruption under Section 34A of PRECCA (Financial Inst. Legal Snapshot, 12 March 2025) <https://www.financialinstitutionslegalsnapshot.com/2025/03/12/navigating-an-organisations-obligation-to-prevent-corruption-under-section-34a-of-precca/> accessed 10 September 2025 

South Africa (Norton Rose Fulbright) <https://www.nortonrosefulbright.com/en-za/knowledge/publications/south-africa/> accessed 10 September 2025  

 News Article

What is the difference between corporate manslaughter and gross negligence manslaughter? (Askews Legal LLP) <https://askewslegal.co/insights/business-defence/what-is-the-difference-between-corporate-manslaughter-and-gross-negligence-manslaughter/> accessed 10 September 2025  

[1] An Analysis of the Failure of a Company to Prevent Bribery Under the Prevention and Combating of Corrupt Activities Act, 142 S. AFR. L.J. 347 (Jan. 2025).

[2] Bribery in South Africa: Law now puts a duty on companies to act (Corruption Watch) <https://www.corruptionwatch.org.za/bribery-in-south-africa-law-now-puts-a-duty-on-companies-to-act/> accessed 10 September 2025

[3] South Africa (Norton Rose Fulbright) <https://www.nortonrosefulbright.com/en-za/knowledge/publications/south-africa/> accessed 10 September 2025

[4] Navigating an Organisation’s Obligation to Prevent Corruption Under Section 34A of PRECCA, FIN. INST. LEGAL SNAPSHOT (Mar. 12, 2025), [https://www.financialinstitutionslegalsnapshot.com/2025/03/12/navigating-an-organisations-obligation-to-prevent-corruption-under-section-34a-of-precca/](https://www.financialinstitutionslegalsnapshot.com/2025/03/12/navigating-an-organisations-obligation-to-prevent-corruption-under-section-34a-of-precca/) 

[5] Corporate Crime Risk – Economic Crime and Corporate Transparency Act, PINSENT MASONS, [https://www.pinsentmasons.com/out-law/guides/corporate-crime-risk-economic-crime-and-corporate-transparency-act/](https://www.google.com/url?sa=E&source=gmail&q=https://www.pinsentmasons.com/out-law/guides/corporate-crime-risk-economic-crime-and-corporate-transparency-act/)

[6] The Economic Crime and Corporate Transparency Act 2023 (ECCTA)’ (Macfarlanes, 16 June 2025) <https://www.macfarlanes.com/what-we-think/102eli5/the-economic-crime-and-corporate-transparency-act-2023-eccta/> accessed 10 September 2025

[7] What is the difference between corporate manslaughter and gross negligence manslaughter?’ (Askews Legal LLP) <https://askewslegal.co/insights/business-defence/what-is-the-difference-between-corporate-manslaughter-and-gross-negligence-manslaughter/> accessed 10 September 2025

[8]Greenwashing and the Role of the Advertising Regulatory Board in South Africa, WEBBER WENTZEL, [https://www.webberwentzel.com/News/Pages/greenwashing-and-the-role-of-the-advertising-regulatory-board-in-south-africa.aspx/](https://www.google.com/url?sa=E&source=gmail&q=https://www.webberwentzel.com/News/Pages/greenwashing-and-the-role-of-the-advertising-regulatory-board-in-south-africa.aspx/)

[9] TotalEnergies Slapped with Historic Greenwashing Ruling, AFRICAN L. & BUS. (Aug. 14, 2025), [https://www.africanlawbusiness.com/news/21348-totalenergies-slapped-with-historic-greenwashing-ruling/](https://www.africanlawbusiness.com/news/21348-totalenergies-slapped-with-historic-greenwashing-ruling/)

[10] Do Non-Members of the Advertising Regulatory Board Have to Comply with its Code?, BIZCOMMUNITY.COM, [https://www.bizcommunity.com/Article/196/740/208339.html/](https://www.google.com/url?sa=E&source=gmail&q=https://www.bizcommunity.com/Article/196/740/208339.html/

[11] Generative AI and IP in South Africa: Navigating the Legal Landscape, ENSAFRICA, [https://www.ensafrica.com/news/detail/10556/generative-ai-and-ip-in-south-africa-navigati/](https://www.ensafrica.com/news/detail/10556/generative-ai-and-ip-in-south-africa-navigati/)

[12] Matt O’Brien, Anthropic to Pay Authors $1.5 Billion to Settle Lawsuit Over Pirated Books Used to Train AI Chatbots, THE ASSOC. PRESS (Sept. 5, 2025), [https://apnews.com/article/anthropic-copyright-authors-settlement-training-f294266bc79a16ec90d2ddccdf435164](https://apnews.com/article/anthropic-copyright-authors-settlement-training-f294266bc79a16ec90d2ddccdf435164)

[13] Amazon-backed Startup Agrees to Pay $1.5 Billion to Authors for Using Pirated Books to Train AI, Says We Remain Committed to…, THE TIMES OF INDIA, [https://timesofindia.indiatimes.com/technology/tech-news/amazon-backed-startup-agrees-to-pay-1-5-billion-to-authors-for-using-pirated-books-to-train-ai-says-we-remain-committed-to/articleshow/123738016.cms/](https://www.google.com/url?sa=E&source=gmail&q=https://timesofindia.indiatimes.com/technology/tech-news/amazon-backed-startup-agrees-to-pay-1-5-billion-to-authors-for-using-pirated-books-to-train-ai-says-we-remain-committed-to/articleshow/123738016.cms/)

[14] Copyright and Artificial Intelligence in South Africa: Rethinking Authorship and Originality in the Digital Age, WERKSMANS ATT’YS, [https://www.werksmans.com/legal-updates-and-opinions/copyright-and-artificial-intelligence-in-south-africa-rethinking-authorship-and-originality-in-the-digital-age/](https://www.google.com/url?sa=E&source=gmail&q=https://www.werksmans.com/legal-updates-and-opinions/copyright-and-artificial-intelligence-in-south-africa-rethinking-authorship-and-originality-in-the-digital-age/)

[15] AI Regulation in South Africa: Compliance and Governance, NEMKO, [https://digital.nemko.com/regulations/ai-regulation-in-south-africa/](https://www.google.com/url?sa=E&source=gmail&q=https://digital.nemko.com/regulations/ai-regulation-in-south-africa/)