
Publication
Essential Corporate News – Week ending 11 July 2025
On 1 July 2025, the Quoted Companies Alliance (QCA) published three new board committee guides to accompany the QCA Environmental and Social Guide published in December 2024.
United Kingdom | Publication | September 2020
It is now three years since the corporate criminal offences of failing to prevent facilitation of UK and foreign tax evasion came into effect.
HMRC have now committed to providing biannual updates on their counteraction activities. The first of these shows that, as at July 31, HMRC had 10 live investigations and a further 22 under review. HMRC report that the “live” investigations span ten different business sectors including financial services, oil, construction, labour provision and software development and involve both small businesses and some of the UK’s largest organisations.
The introduction of the offences, usually referred to together as the “CCO”, was always primarily about changing behaviour and attitudes towards risk and forcing businesses to put in place procedures to stop the facilitation of tax evasion. The offences have to be seen in the context of the UK Government’s strong commitment to combat perceived tax avoidance and evasion, as well as other forms of economic crime. This mirrors international moves in this area and a growing use of the criminal law to stamp down on so-called tax abuses.
There is a (sole) statutory defence, where at the time of the offence, the relevant body had reasonable prevention procedures in place to prevent tax evasion facilitation offences or where it is unreasonable to expect such procedures. As potential fines are unlimited (and there are other consequence such as reputational damage), this is important.
Government guidance, published back in September 2017 and last updated in May 2018, is key to understanding the scope of the offences. This guidance is supplemented by government-endorsed sector-specific guidance from industry bodies. The Law Society published updated guidance in January 2019 and approved guidance for the financial services sector was published by UK Finance in February 2018. Each organisation must have looked at its own specific risks; it would be unwise to rely on generic guidance or to rely on historic procedures to combat related offences.
Back when the regime was announced, it was clear that organisations should have a clear timeframe and implementation plan by the time the offences came into force and businesses worked hard to identify major risks and priorities. The guidance acknowledged that some procedures such as training programmes and new IT systems would take time to put in place and that what is it is “reasonable” to expect would change over time. It also noted that prevention procedures that were planned (but not yet in place) at the time an offence is committed would be taken into consideration in defence. However, it was also clear that “rapid implementation” was expected. Three years into the regime, businesses will be expected to have procedures established and to be able to demonstrate their effectiveness and top-level management commitment. Businesses should periodically refresh and review what they have in place.
The need to be able to demonstrate compliance is also important when businesses are bought or sold: a buyer will want to check that the new group company has appropriate procedures in place and will need to integrate those with procedures in their existing group; a seller should expect to be asked to warrant that it has appropriate procedures in place.
The offences are a reaction to the Government’s frustration at the difficulty in attributing criminal liability to companies and partnerships (“relevant bodies”) where tax evasion was facilitated by employees or other associates. As a result, the offences are “strict liability” offences and do not require proof of involvement of the “directing mind” (effectively senior management) of the entity. In contrast to the Bribery Act 2010, on which the offences have been largely modelled, it does not matter whether any benefit has been obtained from facilitating the tax evasion.
Potential fines are unlimited. Disclosure may also be required to professional regulators and conviction may prevent organisations being eligible for public contracts as well as lead to wider reputational damage. Both UK and international businesses can be within scope. While financial services, legal and accounting sectors are likely to be most affected, all companies and partnerships are potentially within ambit as evidenced by the wide range of industries subject to the current investigations.
The UK domestic offence is split into three components, referred to as “stages”.
Stage 1: Criminal evasion of tax by the taxpayer |
This picks up the offence of cheating the public revenue and all other statutory offences involving dishonestly taking steps with a view to, or being “knowingly concerned in”, the fraudulent evasion of tax. Anything falling short of a criminal offence at taxpayer level does not count. There need not be an actual criminal conviction against the taxpayer but where the Crown Prosecution Service has chosen not to pursue a conviction it needs to prove to the criminal standard when prosecuting the relevant body that the underlying taxpayer offence had, in fact, been committed. |
Stage 2: Criminal facilitation of the tax evasion by an “associated person” of the relevant body who is acting in that capacity |
Committing a “UK tax evasion facilitation offence” requires deliberate and dishonest action to facilitate the tax-payer level evasion – assisting unwittingly, even if negligently, is not be caught by this offence.
Referrals and sub-contracting are also discussed in the guidance.
The guidance responds to concerns that there can be liability where a corporation has little or no control over those providing services and notes that this will be a factor in considering what constitutes “reasonable” procedures. It may be sufficient in respect of sub-contractor staff, to include a term in the contract requiring the subcontractor to provide the necessary controls in respect of its staff. This is something seen in the context of the Bribery Act and equivalent foreign regimes. |
Stage 3: Failure by the relevant body to prevent that facilitation |
This is a strict liability offence. There is a statutory defence where, at the time of the offence, the relevant body had reasonable prevention procedures in place to prevent its associated persons from committing tax evasion facilitation offences or where it is unreasonable to expect such procedures. |
The foreign offence starts from the premise that tax evasion is wrong and that a UK-based relevant body should not escape liability for failure to prevent the facilitation of tax evasion simply because the foreign country suffering the tax loss is unable to bring a prosecution against it. In addition to the three stages outlined above, the foreign offence requires a “UK Nexus” and “dual criminality”. |
|
UK Nexus |
This will exist where the relevant body:
The guidance expands a little on this. Examples given include:
This confirms concerns raised in responses to consultation that overseas head office operations would be brought within scope by a UK branch. |
“Dual criminality” |
The requirement for “dual criminality” is met where both the actions of the taxpayer (tax evasion) and of the facilitator would be an offence in the UK and where the overseas jurisdiction also has equivalent criminal offences at both the taxpayer and facilitator level: the offence cannot be committed in relation to act that would not be illegal in the UK. This means that there will be no UK offence regardless of the standards of the foreign law where the facilitation was inadvertent or negligent. |
Establishing a defence: “Reasonable prevention procedures” What constitutes “reasonable prevention procedures” is informed by six guiding principles. These follow the guiding principles identified in guidance to the Bribery Act. Whilst there may be some efficiency in developing procedures alongside those already in place (such as for the Bribery Act) it is not a matter of simply piggybacking another regime. The guidance is clear that an entity must have in place “bespoke prevention measures” based on the “unique facts of its own business” and the risks identified. A thorough risk assessment must have been undertaken having regard to Government and sector-focused industry guidance; and again, whilst the guidance is helpful, the Government stress the importance of each business looking at their own circumstances and risks. |
|
Principle 1 Risk assessment |
The organisation must assess the nature and extent of its exposure to risk. The guidance refers to concepts familiar from Anti-Money Laundering guidance: you must “sit at the employee’s desk” and ask whether they have a motive and opportunity to facilitate tax evasion. The headline characteristics of appropriate procedures broadly reflect those in guidance to the Bribery Act but the identified areas of high risk differ. A number of additional characteristics are identified which go to identification of emerging risks and identified tax-specific “commonly encountered risks”. Providing services in jurisdictions outside the Common Reporting Standard or offering a product with a known or identified risk of misuse are identified as risks. Transactions identified as high risk include complex tax planning structures involving high levels of secrecy, overly complex supply chains and transactions involving politically exposed persons. Financial services, tax advisory and legal sectors are identified as sectors with particular risk. The guidance also imports high risk factors identified in the Joint Money Steering Group (JMLSG) guidance which identifies as high risk private banking, anonymous transactions, non-face-to-face business relationships and payment received from unknown or unassociated parties. |
Principle 2 Proportionality of risk-based prevention procedures |
To be “reasonable” the prevention procedures must be proportionate to the risks.
Organisations offering private wealth management services are particularly identified as facing significant risks. The procedures are expected to evolve with the relevant body’s activities and the risk climate. |
Principle 3 Top level commitment |
The procedures in place must reflect the commitment of top-level management to prevent engagement in facilitation of tax evasion and the fostering of an atmosphere in which it is never acceptable. Management must be able to demonstrate that they are both committed in this way and that their commitment is shared by all in the business. The guidance sets out a series of formal messages that might be given, including:
|
Principle 4 Due diligence |
The guidance recognises that substantial due diligence is already undertaken in high risk sectors in relation to specific transactions, clients or jurisdictions. That will not necessarily be correctly targeted for the offence: the risk assessment will determine what is required. Procedures are likely to differ across an organisation to reflect varying levels of risk. |
Principle 5 Communication (including training) |
The focus here is on effective internal communication including establishment of whistleblowing channels. Effective external communication is also identified as important to send a strong deterrent message to potential criminal parties. Suggested training is set out. What is required from training is an understanding of the scope of the offences and the associated risks, of how to seek advice, raise concerns and of whistleblowing procedures rather than a detailed understanding of tax rules. |
Principle 6 Monitoring and review |
There is a focus on monitoring, regular review and adjustment throughout the guidance. Review might be undertaken on a formal periodic basis but might also be prompted by market developments or the identification of criminal activity: the risk assessment will guide what is reasonable and proportionate. |
Prosecuting authorities are able to employ Deferred Prosecution Agreements (DPAs), used for economic crimes including fraud and bribery, to help mitigate the collateral damage that would otherwise be caused to an organisation and those dependent on it by an actual conviction under these offences. This is at their discretion and subject to certain conditions being met: the basic message is that an organisation needs to have appropriate defensive procedures in place.
Implementation has been a large task for many organisations, particularly those operating globally. The first step was for groups to identify risk areas and to work out what procedures are appropriate, and how best to implement them, so that commitment was demonstrable. Three years into the regime, they will now be expected to have gone on to implement the identified training and procedures and potentially to have reviewed their continued efficacy.
The guidance includes a number of basic examples relating to branch and subsidiary situations which highlight the need for adequate prevention procedures to be implemented wherever staff and associated persons act and not just in the UK. Establishing “reasonable prevention procedures” will also involve revisiting contracts with sub-contractors and other “associated bodies” to confirm that those contracts require them to have necessary procedures in place. Whether changes can wait to be made when contracts are renegotiated is fact and risk reliant: particular care is needed in respect of contractual arrangements with associated persons identified as high risk or with whom bespoke arrangements are entered into.
Procedures are expected to evolve with the relevant body’s activities and the risk climate. Guidance is expected to develop over time to reflect industry experience and so this also needs to be monitored. There is no one-size fits all approach that can be taken which means that businesses have undertaken risk assessments and then implemented controls and procedures in response to identified risk areas. Retention of records demonstrating compliance activity will be key if facilitation of evasion is identified.
Publication
On 1 July 2025, the Quoted Companies Alliance (QCA) published three new board committee guides to accompany the QCA Environmental and Social Guide published in December 2024.
Publication
In the two years since our last climate litigation update, the prevalence and variety of global climate litigation around the world has continued to increase.
Publication
Selon un rapport conjoint du Bureau du surintendant des institutions financières (BSIF) et de l’Agence de la consommation en matière financière du Canada (ACFC), environ 70 % des institutions financières fédérales prévoient utiliser l’IA d’ici 2026 .
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2025