Share with your friends

Facilitation of tax evasion: sporadic progress one year on

Facilitation of tax evasion: sporadic progress

It’s the first anniversary of the Corporate Criminal Offence (CCO) of Failing to Prevent the Facilitation of Tax Evasion. Yet, only pockets of the economy have been responsive and have begun to put plans in place for compliance. Why?


Also on

Facilitation of tax evasion: sporadic progress one year on

The launch of the new legislation on facilitation of tax evasion in September 2017 marked a step change in the Government’s efforts to respond to fiscal crime and boost tax revenues. While some sectors have been quick to introduce controls, the general lack of progress since made by the wider business community is worrying.

Upon reaching its first anniversary, the Corporate Criminal Offence (CCO) of Failing to Prevent the Facilitation of Tax Evasion remains a potentially disruptive force that could lead to a criminal conviction for a corporate, unlimited fines and significant reputation damage. Yet, only pockets of the economy have been responsive and have begun to put plans in place for compliance.

These organisations are most likely to come from heavily regulated industries, such as banking and financial services, where they are often following patterns of compliance procedures they are already using. They are likely to be conducting preliminary risk assessments and workshops to identify the best path to take. In some cases, we have seen firms taking on new teams of one or two tax or financial crime professionals to monitor new systems and controls as permanent staff. Meanwhile, many are adding this responsibility to their existing staff’s busy workloads.

Beyond financial services, the picture is patchier with relatively little movement. Some have made good progress but, all too often, businesses believe that the CCO legislation isn’t something that concerns them. While some service types are more prone to abuse than others, tax evasion and its facilitation is a risk throughout the economy.

Alongside those that have not even considered the legislation, there are firms that have made some start, but progress has been limited. In some cases, progress has stopped altogether as they are side-tracked by other matters and CCO is pushed down the corporate agenda, amidst wider change

The Challenges

There are several factors that are driving apathy among some businesses towards the legislation and can, to an extent, explain the inability of so many to sustain suitable progress for compliance:

The ‘wait and see’ approach

First and foremost, there is an argument that it may take time for HMRC to come knocking as any investigation will need to prove both that tax evasion has taken place and that this was facilitated since the latest legislation came into effect.

That is before even determining whether an individual facilitator is the responsibility of an organisation. Only if the organisation has responsibility can it be pursued for the failure to prevent facilitation. However, any future investigations will take a historic look at controls in place at the time the facilitation of the tax evasion occurred.

If the offence took place during the early days when controls were not in place, much focus will likely be on how much progress was made since and whether such an offence could take place in the current set-up.

As such, any organisation will need to start preparations right away if it wants to have a defence against prosecution. Their only defence is having designed and implemented ‘reasonable procedures’.

Rushing through a response

We have also seen organisations realise that building a CCO response can take much longer than originally expected. The key challenge here is around timing, co-ordination and prioritisation. Organisations can quickly get into difficulties if they focus either on the immediate goal of completing a risk assessment without thinking through the methodology and approach, or rush controls into business as usual (BAU) without properly understanding the risks.

In some cases, too much reliance on existing anti-bribery and corruption (ABC) controls can prove to be costly. Whilst some of these ABC controls may be relevant to address CCO risk, in many cases they need to be adapted or tailored to the specific risk. Blindly monitoring them without due consideration of how they address CCO risk as opposed to bribery risk may not be considered a ‘reasonable’ procedure should a court case occur.

The driver to get something in place quickly to satisfy HMRC is understandable, but the result must be coherent, considered and proportionate. Our experience with clients is that a pilot works well to introduce the topic, educate the business and test the methodology while providing a quick snapshot of risk within the organisation. This in turn can be used to formulate a coherent and effective action plan through to BAU.

Internal resistance

We have also seen cases where organisations struggle to get traction behind their own plans internally. Tax evasion facilitation is, at its heart, a conduct risk and closely linked to the behaviour of individuals within a firm. This means that it relies on a broad spectrum of areas that often do not see themselves as relevant to compliance systems and controls, such as procurement and HR, and may be less willing to contribute to the build-out of the reasonable procedures as the only defence available to corporates.

Although some organisations continue to view CCO as a tax issue and are recruiting into tax departments to fill new roles, we are increasingly seeing organisations leading CCO risk management from the compliance and financial crime departments, with a mixed amount of support from the tax department.

The general wisdom is that financial crime and compliance teams tend to have experience of building systems and controls which is a different matter from recognising risk in individual transactions and situations, where tax experts tend to provide valuable expertise. Also, there are distinct similarities in the risk management of CCO and other compliance areas – particularly ABC, although, as mentioned above, it should not be done as a ‘copy and paste’

The challenge is to ensure that the right stakeholders are engaged in the topic, with both the tax and compliance functions having an important role to play, and that CCO risk will continue to be effectively governed and monitored in the longer term. Experience with clients is that compliance functions’ familiarity with systems and controls is a key success factor when transitioning from the risk assessment phase into implementation of identified actions, while tax teams are invaluable in providing SME insight across the process.

Domestic-only focus

Another issue we have seen is organisations overlooking non-UK risks. Most organisations are currently focusing on the UK offence, as opposed to the foreign offence. There is a good rationale for focusing on UK-based activities as an initial step: firstly, the risk of prosecution is arguably greatest in respect of UK facilitation; and secondly, this allows important learnings from the UK work to be leveraged in later global work.

The challenge is for companies to ensure, having completed the UK part of the work, that they do not then allow other priorities to distract them from this next crucial stage. Our experience is that clients often struggle to develop engagement and support from teams and departments outside the UK, in respect of CCO, on the basis that it is UK legislation. One way to tackle this is to focus on the broader risks presented by tax evasion facilitation, as opposed to the particularities of the UK legislation.

Benchmarking – what does good look like?

Those that will stand up to scrutiny will be the organisations that have recorded the progress and output of their efforts to put controls in place. No matter how slow a start they might have made, any efforts towards compliance will be far better than none.

So, for those trying to determine how far behind or ahead of the curve they might be, it would be useful to offer a benchmark for progress. By now, businesses should have taken the following steps towards compliance:

A proportionate and timely response at this stage will include, not least having:

  • conducted a risk assessment to understand the organisation’s risk environment, and where risk is greatest across its business activity;
  • put in place a response plan, detailing implementation required to update controls and procedures considering the new offence, including budget and people required to complete the work;
  • started the process of remedying any identified gaps in current control framework;
  • commenced a training and awareness programme covering all relevant staff and departments;
  • learned lessons from the initial/pilot/high level risk assessment for the next round which could be due later this year.

Thought should also be given to next steps, including:

  • adoption of CCO controls within BAU processes and platforms, ensuring ongoing monitoring and review is effective and embedded;
  • documented and sustainable governance of CCO risk management, with sufficient senior management engagement;
  • a proportionate but comprehensive global phase of work (where relevant), addressing high risk countries / divisions and including a clear plan through to BAU;
  • an early draft of a programme document that shows how different parts of the whole connect and create a programme of controls, accepting that this will change. An exercise such as this, although often overlooked in systems and controls building, is going to help think through in a holistic manner, and document well, what contributes to the reasonable procedures at a firm, preparing better answers should anyone ask in the future.

Wherever an organisation sits against this benchmark, they need to remember that the CCO legislation must be taken seriously to support their own commitments to good corporate governance.

Tax evasion continues to sit heavy on the public consciousness, arguably more so than bribery and corruption. The appetite and ability to mount significant investigations are certainly there, and hence this legislation will turn out in future to have some teeth.

Risk functions must ramp up their own efforts to put controls and plans in place to tackle the facilitation of tax evasion, sooner, rather than later, or risk getting bitten.

This article was first published by Fraud Intelligence.

© 2020 KPMG LLP, a UK limited liability partnership, and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.

KPMG International Cooperative (“KPMG International”) is a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm.

Connect with us


Want to do business with KPMG?


loading image Request for proposal