The Board's Blind Spot: When Governance Becomes Personal Liability

Why non-executive directors are increasingly finding themselves personally exposed — and what prudent governance looks like in 2026.

For decades, the non-executive director role carried a certain comfortable ambiguity. You attended board meetings, reviewed papers, offered strategic perspective, and collected a fee. The legal exposure was theoretical. That era is over.

The shift from collective board responsibility to individual director accountability has been accelerating for some time. But 2026 marks an inflection point. A convergence of legislative reform, regulatory enforcement action, and judicial precedent has created an environment in which non-executive directors face personal liability exposure that many still do not fully appreciate — or adequately prepare for.

The Legal Fiction That No Longer Holds

UK company law has never recognised a formal distinction between executive and non-executive directors. Sections 171 to 177 of the Companies Act 2006 impose the same seven statutory duties on every director: to act within powers, promote the success of the company, exercise independent judgment, apply reasonable care, skill, and diligence, avoid conflicts of interest, decline third-party benefits, and declare interests in proposed transactions.

The duty of care under Section 174 is particularly significant for non-executives. It applies a dual test — both an objective standard (what a reasonably diligent person in that position would do) and a subjective standard (what this particular director, with their specific knowledge and experience, should have done). A retired FTSE 100 finance director serving as a NED on an audit committee is held to a higher standard than a first-time appointee with no financial background. The law is clear on this, even if boardroom culture has been slow to absorb it.

The Court of Appeal's decision in Lexi Holdings plc v Luqman remains instructive. The court found that non-executive directors who knew of a managing director's prior convictions had a positive duty to supervise and probe — and that their passivity constituted a breach. The days of the "sleeping director" defence, if they ever truly existed, are definitively gone.

The 2025–2026 Enforcement Acceleration

Three parallel developments have materially changed the risk landscape.

1. The Insolvency Service's Targeted Taskforce

The Insolvency Service disqualified over 1,000 directors in 2024/25, with an average ban of 8.1 years. But the more significant development is the creation of a dedicated taskforce in 2026 focused specifically on directors who close companies with unpaid debts and restart through new entities. This is no longer general enforcement — it is targeted, pattern-based investigation with the power to examine dissolved companies, seek interim disqualification orders during live investigations, and pursue compensation orders that can reach into the hundreds of thousands of pounds.

In February 2026, a director received a 12-year ban under this regime. The Insolvency Service now has two years following any disqualification to apply for a compensation order requiring personal repayment of creditor losses. In 2024/25, 90 directors faced such orders. Non-executives who assume this only applies to rogue owner-managers are mispricing their risk.

2. The Economic Crime and Corporate Transparency Act (ECCTA)

Since 18 November 2025, all company directors must verify their identity before their appointment can be registered at Companies House. Existing directors must complete verification by their next confirmation statement filing. Failure to comply can result in criminal proceedings with unlimited fines, inability to submit statutory filings, and potential disqualification.

More broadly, ECCTA has expanded the grounds for disqualification by widening the "three strikes" rule to include circumstances where financial penalties have been imposed for breaches of companies legislation. The practical effect is that minor compliance failures — late filings, incomplete records — can now accumulate toward disqualification thresholds far more easily than before.

3. The 2024 UK Corporate Governance Code

For listed companies, Provision 29 of the revised Code — effective for financial years beginning on or after 1 January 2025 — now requires boards to make a formal declaration on the effectiveness of material internal controls. This goes beyond narrative disclosure to a positive attestation covering financial, operational, reporting, and compliance controls. The board collectively must sign this declaration. There is no carve-out for non-executives who did not personally design or operate the controls in question.

The Financial Reporting Council has indicated that it is seeking powers to hold directors accountable for serious failures of corporate reporting duties through civil regulatory sanctions — enforcement without court proceedings. The Corporate Reporting Authority, once established, will have direct sanctioning power over individual directors.

HMRC's Personal Liability Notices

An area of exposure that receives insufficient attention in boardroom governance discussions is HMRC's use of Personal Liability Notices (PLNs). Under Section 121C of the Social Security Administration Act 1992, HMRC can transfer unpaid company National Insurance Contributions directly to individual directors where it alleges the non-payment resulted from fraud or neglect.

PLNs are not limited to registered directors. HMRC routinely targets de facto directors, shadow directors, and senior managers who exercised real influence over financial decisions. Once issued, a PLN creates a direct personal debt enforceable through statutory demands, bankruptcy proceedings, or charging orders over property. HMRC's enforcement posture in 2026 is, by all accounts, more assertive than at any point in recent decades — with PLNs commonly deployed alongside winding-up petitions and disqualification investigations.

Non-executive directors who sit on audit or finance committees, or who are involved in decisions about creditor prioritisation during periods of financial stress, should understand that their position offers no automatic protection from this regime.

The Insurance Gap

Directors' and Officers' insurance remains a critical safeguard, but it is not a complete answer. The D&O market in 2025 was characterised by premium stabilisation after years of soft conditions, with WTW forecasting flat-to-modest increases in 2026. Underlying claims severity is rising, driven by regulatory enforcement, AI-related exposures, and geopolitical sanctions risk.

More critically, D&O policies typically exclude fines, penalties, and criminal proceedings — precisely the categories of exposure that are expanding fastest for directors. Indemnities from the company itself may be worthless if the company is insolvent at the point of claim. The gap between what directors believe they are covered for and what their policies actually respond to in a distressed scenario is, in many cases, wider than either party realises.

What Prudent Governance Looks Like

None of this is cause for panic. It is cause for rigour. Non-executive directors who approach their role with appropriate diligence, maintain contemporaneous records, and engage proactively with risk have strong defences available. The standard is not perfection — it is reasonableness.

Practically, that means:

Treat compliance as infrastructure, not overhead. The Insolvency Service, Companies House, and HMRC are all investing in data-driven enforcement. Pattern detection across multiple companies is now standard. Directors who treat filing deadlines, identity verification, and reporting obligations as administrative inconveniences are the ones who end up in enforcement proceedings.
Document your challenge function. Board minutes that record "the matter was discussed and approved" offer no protection. Minutes should reflect the questions asked, the information relied upon, the alternatives considered, and the reasoning for decisions taken. If a dispute later arises about whether you exercised independent judgment, your protection is in the paper trail.
Monitor solvency indicators actively. The shift in duty from shareholders to creditors occurs at or near the point of insolvency. Non-executives who are not closely tracking cash flow, creditor ageing, and HMRC compliance status are leaving themselves exposed to wrongful trading claims and PLNs.
Review your insurance and indemnities annually. Ensure your D&O cover responds to regulatory investigation costs, not just civil claims. Check whether the policy covers former directors after they leave the board. Understand the exclusions. Ask whether a separate Side A policy (covering individuals when the company cannot or will not indemnify) is appropriate for your risk profile.
Know when to resign — and how. Resignation does not automatically end liability. Under Section 451 of the Companies Act, a director who was in office at the end of a filing period remains personally liable for non-filing even after departure. Resignation must be timed and documented carefully, with legal advice, to be effective as a risk management tool rather than an acceleration of exposure.

The Larger Point

The regulatory and enforcement architecture around director accountability has changed fundamentally. The direction of travel — more personal liability, more proactive enforcement, more data-driven investigation — is not going to reverse. Non-executive directors who treat their appointment as a mark of status rather than a commitment to active governance are carrying risk they have not priced.

Boards that treat governance as a strategic capability rather than a compliance exercise will not only protect their directors. They will protect the enterprise. The two are no longer separable.

Lexkara & Co advises boards and individual directors on governance risk, regulatory exposure, and the structuring of director protections. If you have questions about your personal liability position, we welcome your enquiry.