diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 06ef6dcf9..ff085e6dc 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,12 +1,18 @@
 class ApplicationController < ActionController::Base
 include Pundit::Authorization
+ rescue_from Pundit::NotAuthorizedError, with: :render_not_authorized
+
 before_action :set_paper_trail_whodunnit
 def render_not_found
 render "errors/not_found", status: :not_found
 end
+ def render_not_authorized
+ render "errors/not_found", status: :unauthorized
+ end
+
 def render_not_found_json(class_name, id)
 render json: { error: "#{class_name} #{id} not found" }, status: :not_found
 end
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
new file mode 100644
index 000000000..f120eb02a
--- /dev/null
+++ b/spec/controllers/application_controller_spec.rb
@@ -0,0 +1,23 @@
+require "rails_helper"
+
+RSpec.describe ApplicationController do
+ describe "when Pundit::NotAuthorizedError raised" do
+ render_views
+
+ controller do
+ def index
+ raise Pundit::NotAuthorizedError, "error goes here"
+ end
+ end
+
+ it "returns status 401 unauthorized" do
+ get :index
+ expect(response).to be_unauthorized
+ end
+
+ it "renders page not found" do
+ get :index
+ expect(response.body).to have_content("Page not found")
+ end
+ end
+end
diff --git a/spec/requests/bulk_upload_lettings_results_controller_spec.rb b/spec/requests/bulk_upload_lettings_results_controller_spec.rb
index 640de237b..91d7a0742 100644
--- a/spec/requests/bulk_upload_lettings_results_controller_spec.rb
+++ b/spec/requests/bulk_upload_lettings_results_controller_spec.rb
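Review bot: `render_not_authorized` in app/controllers/application_controller.rb answers a Pundit authorization failure with 401, which signals missing or failed authentication and is expected to carry a `WWW-Authenticate` header, while the body is the not-found page. If reusing `errors/not_found` is meant to avoid confirming that a record exists, the 401 undoes that, because a denied record and a missing one are told apart by status alone; `render "errors/not_found", status: :not_found` keeps them identical, and `status: :forbidden` is the conventional choice when concealment is not a goal. The examples asserting `be_unauthorized` in spec/controllers/application_controller_spec.rb and spec/requests/bulk_upload_lettings_results_controller_spec.rb would change with it. The handler also renders an HTML template for every request format, so JSON callers presumably need a counterpart along the lines of the existing `render_not_found_json`. The class body continues past the end of the hunk.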
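Review bot: The anonymous-controller spec in spec/controllers/application_controller_spec.rb raises with the message "error goes here" but never checks that the message stays out of the response. A Pundit error message can describe the policy query and the record involved, so a later change that echoes it into the page would expose internals without failing any example here. Adding `expect(response.body).not_to include("error goes here")` to the "renders page not found" example pins that down.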
@@ -45,9 +45,8 @@ RSpec.describe BulkUploadLettingsResultsController, type: :request do
 let(:viewing_user) { other_user }
 it "is not accessible" do
- expect {
- get "/lettings-logs/bulk-upload-results/#{bulk_upload.id}/summary"
- }.to raise_error(Pundit::NotAuthorizedError)
+ get "/lettings-logs/bulk-upload-results/#{bulk_upload.id}/summary"
+ expect(response).to be_unauthorized
 end
 end