First UK corporate criminal tax prosecution ‘a warning’ to businesses

Penny Simmons, tax risk expert at Pinsent Masons, was commenting following news that Bennett Verby, a UK accounting firm, has been charged by HM Revenue & Customs (HMRC) with failing to prevent the facilitation of UK tax evasion. The case against the company is understood to involve an alleged fraud in relation to research and development tax credits, according to press reports. Six individuals have also been charged alongside the company for various alleged offences, including cheating the public revenue, making articles for use in fraud and money laundering.

“This case is the first prosecution since the offences were introduced eight years ago,” said Simmons. “Businesses have often cited the lack of prosecutions as evidence that the corporate criminal tax offences posed only a theoretical risk with the risk of action by HMRC being low – this case casts real doubt over that theory.”

Two corporate criminal tax offences (CCOs) were introduced on 30 September 2017 under the Criminal Finances Act 2017 and make it a criminal offence if a business fails to prevent its employees or any person associated with it from facilitating tax evasion. A successful prosecution can result in an unlimited fine and a criminal record for the business, restricting its access to some regulated markets and preventing its ability to bid for government contracts in the UK and overseas.

The CCOs effectively make a business vicariously liable for the criminal acts of its employees and other persons 'associated' with it, even if the senior management of the business was not involved or aware of what was going on.

A business will have a defence if it can prove that it had put reasonable procedures in place to prevent the facilitation of tax evasion, or that it was not reasonable in all of the circumstances to expect there to be procedures in place. Guidance published by HMRC identifies six guiding principles that underpin the defence, one of which is that a business undertakes a risk assessment to determine its exposure to the CCOs. To manage CCO risks, businesses should undertake effective due diligence in relation to their suppliers, contractors and employees and should be looking closely at where and the manner in which payments are made for goods and services.

“It is understood that HMRC has been ramping up compliance and enforcement activity in relation to the offences for some time and the extent of control procedures to prevent the facilitation of tax evasion often forms part of discussions between HMRC and large businesses during routine business risk reviews. This case services as a timely reminder to all businesses – large and small – that if they haven’t already undertaken a risk assessment to determine their exposure to the CCOs and introduced enhanced prevention controls they should do so without delay. Given that HMRC's guidance on the reasonable procedures defence confirms that controls should be regularly monitored and reviewed, businesses should also ensure that they have review procedures in place - a single risk assessment undertaken eight years ago is highly unlikely to be sufficient to effectively manage CCO risks,” said Simmons. 

“It is also interesting that HMRC’s first prosecution coincides with the introduction of the new failure to prevent fraud offence that became law on 1 September, creating another offence in the government’s growing arsenal of fraud and tax prevention measures,” she said.

The new failure to prevent fraud offence, introduced under the Economic Crime and Corporate Transparency Act 2023 (ECCTA), applies to large organisations which are businesses with two of the following applying: more than a £36m turnover; more than £18m in assets; or more than 250 employees. For group organisations, the criteria apply to the whole organisation regardless of where the organisation is headquartered or where its subsidiaries are located. Similar to the CCOs, there is also a defence if the business can prove that it had reasonable procedures in place to prevent fraud.