It is now three years since the enactment of the Criminal Finances Act 2017 and the “failure to prevent the facilitation of tax evasion” offence (the FTP Offence).
In these challenging times, it is important that businesses do not forget their obligation to keep prevention policies and procedures up to date. This includes updates to reflect new working practices for their workforce and any increased risks associated with potentially reduced levels of supervision while employees work from home.
As at 31 July 2020, HMRC confirmed that it had 10 live FTP Offence investigations, with a further 22 live opportunities currently under review. Businesses in the financial sector have been a key area of focus, with 12 investigations or opportunities relating to that sector. Other sectors covered include construction, labour provision and software development. HMRC's update notes that Covid-19 has impacted its development of FTP Offence investigations, and so the number of investigations may increase as HMRC operations return to normal.
As a reminder, The FTP Offence makes bodies corporate or partnerships ("relevant bodies") criminally liable if they fail to prevent the criminal facilitation of tax evasion by their associates (those performing services for or on behalf of them). This is a strict liability offence and the only defence is to demonstrate that either (a) they had in place "reasonable prevention procedures" or (b) it was reasonable to have no such prevention procedures in place.
Relevant bodies were expected to undertake a risk assessment of their business when the FTP Offence was first enacted. This risk assessment was used by businesses to develop policies and procedures aimed at preventing their associates from criminally facilitating tax evasion.
This process cannot be a "one-off" event. Relevant bodies are expected to regularly review the risks faced by their business and update their policies to mitigate those risks, particularly when their business model changes, impacting on the risk profile of the business.
If working practices have changed as a result of the Covid-19 pandemic, businesses should consider updating their risk assessment and procedures. This is particularly the case if it is envisaged that changes will remain in place for the longer term.
Examples of the issues that business may wish to consider include:
- Have there been any changes to their business model, or to the business of their associates, that need to be addressed through revised procedures or refreshed due diligence?
- Is adequate supervision and monitoring in place for employees working from home?
- Are whistleblowing procedures still appropriate to the current working environment?
- How will training be provided to employees (both refresher training for existing employees and more detailed training for new employees) when large group meetings are more difficult?