Effective tax risk management and associated controls are critical to business performance. Without understanding its tax risks, your business faces not only unexpected penalties, but potential reputational damage or employee issues.
Do you know where your tax risks are?
The tax environment is more complex than it has ever been, and every business needs to manage its limited resources to identify and minimise as much tax risk as possible.
We can guide you through the process of assessing and addressing your tax risk and ensure you are compliant with HMRC’s increasing tax governance requirements.
- Senior accounting officer
- UK tax strategy
- Business Risk Review +
- Tax Control Framework
- Corporate Criminal Offence
Senior accounting officer
The senior accounting officer (SAO) regime forms a key part of how a large business is expected to manage its tax risk and governance.
It was introduced by the Finance Act 2009, with the aim of reducing the UK tax gap (the difference between the amount of tax that should be paid to HMRC and what is actually paid) by improving businesses’ tax governance.
Broadly, it is a requirement for UK companies (or the UK companies in a group combined) that generate a turnover of more than £200m or have a balance sheet total of greater than £2bn.
What’s the risk?
The company could be faced with a fine of £5,000 for failing to notify the name of the SAO within the required timeframe.
SAOs are personally liable for any failure to meet their obligations, with two possible £5,000 penalties chargeable on the SAO for:
- failing to meet their main duty; and
- failing to give HMRC a certificate within the required timescale, or providing a timely certificate that contains a careless or deliberate inaccuracy.
Added to the financial penalties, is the reputational damage of being subject to a penalty.
Common pitfalls
Companies, and therefore senior accounting officers, are often unaware of their responsibilities. The certificate and notification can be missed for the first few years after meeting the turnover / balance sheet threshold.
The SAO can be unaware that they are personally liable for non-compliance with the SAO regime and that they could be faced with a fine if the SAO requirements aren’t met.
In some cases, companies do not have documented procedures and controls in place or those that are in place aren’t sufficient.
How we can help
91̽»¨offers tailored advice and support covering all aspects of SAO. Whether it’s an initial workshop to identify areas of risk, a full risk-based SAO review and an in-depth review of specific taxes, an internal audit style review of your processes and controls, or maybe something more bespoke, we can tailor our support to suit your business needs.
UK tax strategy
The requirement to publish a UK tax strategy was introduced in the and applies to UK groups, sub-groups, companies and partnerships which generate a turnover of £200m or more, or have a balance sheet totalling more than £2bn (unless covered by a published strategy at a higher level).
The aim is to promote greater transparency in terms of approach to tax risk, and how it is managed by businesses through their governance and their internal control environment.
As a minimum, a UK tax strategy should set out:
- your approach to UK tax risk management and governance;
- your attitude towards tax planning;
- the board’s view on acceptable tax risk; and
- your approach to dealings with HMRC.
The tax strategy should be available online, be easily found, updated annually, and be published within the required timeframe.
What’s the risk?
Where the requirements aren’t met, penalties can be applied. The initial penalty for not publishing a tax strategy, or where a tax strategy doesn’t comply with the legislation, is £7,500. Further penalties can be charged the longer the business remains non-compliant.
Common pitfalls
The tax strategy requirement is often missed, particularly for Country by Country Reporting (CbCR) businesses that are smaller in the UK.
Common errors in published strategies include missing the legislative reference or the financial year to which the strategy relates.
Many strategies over-commit the business and fail to evidence the statements made. HMRC can ask to see documentation that supports the tax strategy.
How we can help
There is lots to consider when drafting and publishing your tax strategy. It can’t be copied and pasted from another company’s website. You’ll need to decide whether you simply want to comply with the minimum requirements, or if there’s anything you could, or should, explain and expand. You’ll also need to consider your audience, which could include your shareholders, potential investors, HMRC and members of the public and whether you can evidence the statements you’re making.
We can help by lending our experience and expertise of working with large businesses and advising on numerous tax strategies, as well as wider tax risk and governance requirements.
We can tailor our advice and support to your business and provide you with confidence that your tax strategy meets the requirements and represents your business effectively.
Business Risk Review +
The Business Risk Review + (BRR+) is a key feature of the relationship between large businesses and HMRC and replaces the previous BRR process.
BRR+ centres around HMRC’s assessment of the tax risk associated with businesses, for each tax regime, across three key headings:
- systems and delivery;
- internal governance; and
- approach to tax compliance.
There are four risk categories: low, moderate, moderate-high and high. HMRC uses the results of its assessment to determine its overall approach to you as the taxpaying business (the ‘taxpayer’), and its areas of focus for future risk assessment activity.
The BRR+ considers a number of factors when risk-assessing a business, including its size and complexity. The process also considers the compliance history of the business across the tax regimes, as well as compliance with requirements such as the senior accounting officer regime, UK tax strategy, and Corporate Criminal Offence.
For low-risk taxpayers, BRR+ will generally be undertaken on a three-year cycle. Taxpayers outside the low-risk category will attract a higher degree of scrutiny and can expect annual reviews.
What’s the risk?
Because of the more frequent interactions with HMRC, higher risk businesses will suffer an increased time and cost burden.
Along with the more practical risks, higher risk taxpayers can also attract reputational risk and financial penalties when they fall foul of HMRC’s requirements.
Common pitfalls
Many businesses aren’t aware of the BRR+ process, particularly if they are newly ‘large’, or they may be used to the previous regime and may not have experience of dealing with HMRC.
How we can help
We can provide advice, support and education on the new BRR+ process and help you in BRR+ readiness.
We can help you prepare for increased interactions with HMRC and advise on HMRC’s view of what good looks like, providing the assurance and confidence you need to become BRR+ ready.
Tax Control Framework
A Tax Control Framework (TCF) is a structured and systematic approach to identifying, categorising, assessing, reporting and monitoring tax risk. It is an important tool for businesses, and it is regarded as best practice by HMRC.
It allows businesses to ensure processes and controls are operating effectively in practice and to standardise risk management processes across the group.
Having a TCF in place makes it easier for you to identify your inherent tax risk footprint and assess the extent of control gaps and missed opportunities, as well as helping you to prioritise management actions based on your risk rating, to maximise return on resource.
Tax, and taxpayer behaviour, are increasingly under the spotlight when it comes to the ethical behaviours of businesses. The demand for tax transparency from stakeholders, as well as consumers, is rising.
What’s the risk?
The risks of not having a TCF in place include:
- unacceptable level of reporting inaccuracies;
- employees not understanding their responsibilities;
- negative impact on your relationship with HMRC;
- investor confidence falling;
- customers and clients turning to competitors; and
- obstacles when tendering for contracts, going through a sale or exit and problems with regulators.
Common pitfalls
- A general lack of processes and controls and/or lack of documentation around the processes and controls.
- As businesses grow and evolve, the controls and processes stay the same and are no longer fit for purpose.
- Key people move on and processes and controls aren’t documented or relied too heavily on those key people.
- Staff are unaware of their roles of responsibilities and there is a lack of communication and training.
How we can help
RSM’s tax risk and governance team provides a holistic offering or specific advice depending on your need. This can include:
- in-depth comprehensive tax and compliance reviews of all processes and controls, identifying gaps and providing solutions where those gaps are identified;
- undertaking workshops and carrying out risk reviews to establish strengths and weaknesses;
- advising on best practice and what HMRC thinks good looks like;
- identifying key areas of risk and focus;
- providing solutions such as: tax risk registers; responsibilities and controls matrix; up-to-date documented procedures, processes and controls; tax risk and control mapping and benchmarking; tax control framework design; policy and procedure review and drafting; controls templates and process and control design; and
- assisting with ongoing monitoring of risk including the use of tax technology and tax risk monitoring dashboards.
Corporate Criminal Offence
The failure to prevent the facilitation of tax evasion, known as Corporate Criminal Offence (CCO), is a strict liability criminal offence. Relevant bodies, including companies, limited liability partnerships and partnerships, are liable if they fail to prevent persons associated with them from criminally facilitating tax evasion.
- A person is ‘associated’ with the relevant body if they’re an employee, agent or other person who performs services (regardless of contractual relationship) for or on its behalf. It’s an intentionally broad definition.
- It’s a strict liability offence, meaning that the relevant body doesn’t need to have been guilty of deliberate dishonesty; the criminal offence arises automatically where evasion and facilitation of that evasion occurs.
- The only defence against a criminal charge is that the relevant body has implemented reasonable prevention procedures. Without this defence, the organisation could face a criminal conviction and unlimited fines.
For more information on how CCO applies to your business and the support we can offer, please visit our dedicated CCO page.
Specialist support
Our experienced team comprises individuals with a range of specialisms and backgrounds, from corporation tax, employment tax and VAT experts to former in-house heads of tax and ex-HMRC professionals.
We’ll work with you to understand your business, what your business needs and how we can help you.
For an informal discussion on tax risks in your business, and how we can help you manage them, contact Flora Barnes.