ICAEW.com works better with JavaScript enabled.

How firms should tackle tax evasion

Ali Kazimi assesses how firms should be tackling the growing concern of tax evasion. He talks in depth about how the landscape is changing and what that means for the tax profession, as well as reasonable prevention procedures and the importance of taking a top-down, strategic approach consistent with a business’s overall tax strategy

FS Focus June 2019 image - Tax EvasionFinancial institutions have been seen as posing a high-risk of tax evasion facilitation by HMRC and have historically taken a somewhat lax approach. However, this is changing and firms need to wise up.

The Financial Conduct Authority (FCA) and HMRC’s powers have been extended under the Criminal Finances Act 2017 (CFA 2017), which now imposes an unprecedented level of tax obligations on financial firms. This includes the regulators needing to foresee and prevent tax evasion facilitation risks on a global scale. To emphasise their importance, the sanctions for failure are now criminal and regulatory.

Changing landscape

HM Treasury recently boasted that more than 100 measures have been introduced to counter tax avoidance, evasion and other forms of non-compliance since 2010. Since the banking crises, successive governments have been under pressure to act against the tax abuse perpetrated by the financial services sector. The code of practice on taxation for banks was introduced in 2009 to enable institutions to voluntarily adopt a principled approach to taxation and desist from repeating the excesses of the past.

The critical turning point was the publication of the Panama Papers by the International Consortium of Investigative Journalists in 2016. More than 11.5 million documents were leaked, revealing the personal financial information of wealthy individuals and public officials. The leak also revealed that companies had created 214,000 shell companies to hide offshore assets, launder money and avoid taxes.

Shifting public opinion resulted in co-ordinated government action. Taking the global lead, the Organisation for Economic Co-operation and Development introduced the Automatic Exchange of Information (AEoI) regime to effectively combat tax evasion. Under the AEoI, financial institutions are required to report customer financial account details to their local government, including the jurisdiction of tax residence of the account beneficial owners and their tax identification numbers. The information gathered is automatically shared with participating jurisdictions.
The EU has seen a concerted drive towards tax transparency, improving information exchange to tackle cross-border evasion and mounting pressure on non-co-operative jurisdictions. The first filings under the invasive DAC6 regime requiring the mandatory disclosure of reportable cross-border tax planning schemes will be seen in 2020. The EU has also published a list of tax havens or high-risk countries. The recent blacklist of tax havens, issued in March 2019, has tripled to 15 countries and now includes the United Arab Emirates.


In 2013, HMRC issued its blueprint, No Safe Havens, setting out the approach to offshore evasion. Successive measures have included the worldwide disclosure facility, requirement to correct, ‘naming and shaming’, and more.

For financial institutions, the key legislative measures include: 

  • civil sanctions for enablers of offshore evasion (Schedule 20, Finance Act 2016); and
  • the corporate criminal offence for failure to prevent the facilitation of evasion (sections 45 and 46 of CFA 2017).

From 1 January 2017, heavy civil penalties can be imposed on enablers of offshore tax evasion or tax non-compliance. The enabler regime applies in respect of UK taxes where there is an offshore connection. ‘Enabling’ offshore tax evasion or non-compliance is broadly defined and includes encouraging, assisting or otherwise facilitating conduct by the taxpayer that constitutes offshore tax evasion or non-compliance. 

Any individual or corporate body that provides tax planning, advice or other professional services including moving funds offshore could be charged up to 100% of the evaded tax and may also be publicly named. It is not necessary for the perpetrator to have played an active part: merely encouraging or facilitating the evasion is enough.

CFA 2017 introduced the strict liability criminal offences for any entity that fails to prevent the criminal facilitation of tax evasion by its associated persons. The legislation introduces two offences: one related to the evasion of UK taxes and the other related to foreign tax evasion. 

‘Strict Liability’ means that no proof is necessary of a criminal intent, knowledge or condonation by senior management. Firms that have been found guilty will face an unlimited fine and disclosure may also be required to professional regulators. There is a statutory defence where the firm has in place such prevention procedures as are reasonable in all circumstances.

Since the introduction of CFA 2017 offences, the response of the financial services industry has been uneven. For financial institutions with an awareness of the legislation and resulting exposure, there was a notable panic to implement the required ‘reasonable prevention procedures’ as protection.

This concern has not been uniformly felt across the financial services sector. In our experience, banks appear to have undertaken some form of risk assessment – with varying degrees of rigour. The UK branches of foreign banks find themselves in the difficult position of having to convince their head office banks of the risks where there is a failure to introduce reasonable prevention procedures across the whole corporate. Larger international banks have realised the full extent of the risk of inaction and implemented programmes.

Within insurance and the riskier wealth management sectors, the results have been mixed due to a genuine lack of appreciation of the potential risks. 

The concern is that under the various taxation governance developments in the UK, such as the requirement to publish a tax strategy (Finance Act 2016) and the senior accounting officer (Finance Act 2009) regimes, the significant taxation risks need to be escalated to the board of directors for consideration and implementation. Boards mostly remain uninformed, leaving under-resourced middle management tax professionals to make tax policy judgements that should have been made at the board level, per HMRC expectations.

Reasonable procedures

Reasonable prevention procedures, the sole defence to the CFA 2017 offences, refers to both formal policies and the practical steps taken to enforce compliance. It is possible to build on existing anti-money-laundering (AML) and Bribery Act risk assessments and procedures, but it is imperative to consider the specific risk of tax evasion facilitation independently.

The HMRC guidance is that effective preventative procedures must be carefully considered in conjunction with a comprehensive risk assessment. A risk-based approach is permissible, but the risk in focus must be the risk of an associated person facilitating tax evasion.

There are numerous challenges to the implementation of these procedures, including adherence to guidance issued by a host of authorities and associations (eg, EU, Financial Action Task Force, FCA, and more). This is in addition  to a variety of legislation, such as CFA 2017 and Proceeds of Crime Act 2002 (POCA 2002), and an equally expansive list of operational regimes, such as Foreign Account Tax Compliance Act and DAC6.

But financial institutions must be able to engage with the tax evasion challenge in a coherent and consistent manner. Where tax evasion facilitation risk assessments may have been carried out, there is often no consideration  given to the evaders regime or wider  tax evasion risks under POCA 2002.

Regulatory cross-over

For those subject to supervision by regulators, the new CFA 2017 offences create several regulatory challenges. Firms have to ensure that their existing financial crime, whistleblowing and Senior Managers and Certification Regime polices are updated and complete. Additionally, systems and controls need to be reviewed to ensure that systemic risk resulting from the introduction of these offences is properly assessed and managed.

While policies approved by the board and senior management denote good intentions, their implementation does not translate to the de facto day-to-day procedures carried out at middle and lower levels of the institution. It is often the frontline staff of an institution that form the first line of defence in spotting a potential tax evasion offence, and the inadequate communication of in-house policies and procedures to these staff has resulted in the numerous high-profile, reputation-damaging, and extremely costly, tax evasion prosecution cases.

Where incidents occur, consideration needs to be given to the escalation and regulatory self-reporting mechanisms.

Top-down approach

The first step an institution should take is a top-down, strategic approach consistent with its overall tax strategy, a clearly articulated risk appetite and governance processes with clear accountability.

A common key deficiency is the lack of tax evasion-specific documentation. While risk appetite policies make brief mention of the bank’s attitude towards tax evasion risk, the development of formal tax evasion prevention frameworks is necessary.

Compliance officers and financial crime teams need to understand how to efficiently detect and resolve tax evasion, and this knowledge should be shared with frontline staff to ensure they can adequately spot tax evasion risks. Updating in-house policies and procedures, and updating IT systems with the latest technologies is vital in preventing tax evasion at a customer, jurisdictional and transactional level.

About the author

Ali Kazimi is managing director of Hansuke