Criminal Finances Act 2017 - what organisations need to do now to manage risk

Posted by Simon Stokes on

Background

New offences under the Criminal Finances Act 2017 came into force on 30 September 2017.  The Act makes it a criminal offence for companies, other corporate bodies  and partnerships – whether established under UK law or foreign law ("relevant bodies") to fail to prevent a person associated with it (such as an employee, agent, adviser, intermediary, contractor or service provider) ("associated person") criminally facilitating the evasion of tax, and this is the case whether the tax evaded is owed in the UK or abroad (as long as there is a UK connection in relation to any foreign tax evasion).

It is a strict liability offence – this means that if an associated person criminally facilitates the evasion of tax whilst acting for the relevant body the relevant body will be liable unless it can prove it had in place reasonable prevention procedures (where it was reasonable for the relevant body to have such procedures in place).  This new offence is similar to the Bribery Act 2010 offence of failing to prevent bribery.  So to avoid being held criminally liable for the criminal acts of their associated persons and face unlimited fines organisations need to put in place reasonable prevention procedures in place.

Whilst at first sight the law might only appear relevant to accountants, lawyers, banks/financial services companies and tax advisers who are clearly at high risk of their associated persons having the opportunity to criminally facilitate tax evasion all organisations need to conduct at least a risk assessment – for example current Government guidance gives examples of the application of the Act outside of the financial services sector:

  • a manufacturer appointing a distributor/sub-contractor
  • a staffing company engaging and paying contractors

Any sector is potentially within the ambit of the Act including charities as well as commercial corporations and partnerships. 

It must be stressed that the legislation only aims to tackle crimes committed by those who act for or on behalf of a relevant body such as a company or a partnership.  The legislation does not hold relevant bodies to account for the crimes of their customers, nor does it require them to prevent their customers from committing tax evasion.  Nor is the legislation designed to capture the misuse of legitimate products and services that are provided to customers in good faith, where the individual advisor and relevant body did not know that its products were intended to be used for tax evasion purposes. 

Also the new laws target deliberate and dishonest behaviour at the taxpayer level.   They do not create any new offences at the individual level  - if activity would currently be considered tax evasion under the existing law then it will continue to be so.   Likewise, if activity would not currently be considered tax evasion (i.e. is legitimate tax avoidance), then the new law does not make it tax evasion.   As the Government has noted:  "Whilst individual employees may face criminal charges for facilitating tax evasion, their employer often sits beyond the easy reach of the criminal law.  These new offences of corporate failure to prevent the facilitation of tax evasion address this difficulty."

The Government expressly recognises that any regime that is risk-based and proportionate cannot also be a zero failure regime.  If a relevant body can demonstrate that it has put in place a system of reasonable prevention procedures that identifies and mitigates its tax evasion facilitation risks, then prosecution is unlikely as it will be able to raise a defence.

Reasonable prevention procedures

Government guidance considers that prevention procedures put in place by relevant bodies to prevent tax evasion from being committed on their behalf should be informed by the following six principles – they are not prescriptive – they are intended to be flexible and outcome focused.  What is key is that any procedures are proportionate to risk.  These principles mirror Bribery Act Guidance so many organisations should be familiar with them.  In summary:

1. Risk assessment

The relevant body must assess the nature and extent of its exposure to the risk of those who act for or on its behalf engaging in activity to criminally facilitate tax evasion. 

2. Proportionality of risk-based prevention procedures

Reasonable procedures will be proportionate to the risk a relevant body faces of persons associated with it committing tax evasion facilitation offences.  This will depend on the nature, scale and complexity of the relevant body’s activities. 

3. Top level commitment

The top-level management of a relevant body should be committed to preventing persons associated with it from engaging in criminal facilitation of tax evasion. They should foster a culture within the relevant body in which activity intended to facilitate tax evasion is never acceptable.

4. Due diligence

The organisation applies due diligence procedures, taking an appropriate and risk based approach, in respect of persons who perform or will perform services on behalf of the organisation, in order to mitigate identified risks.

5. Communication (including training)

The organisation seeks to ensure that its prevention policies and procedures are communicated, embedded and understood throughout the organisation, through internal and external communication, including training.

6. Monitoring and review

The organisation monitors and reviews its prevention procedures and makes improvements where necessary.

How Blake Morgan can help

We are already advising clients on compliance with the Act and our regulatory team are experienced in advising on related areas such the Bribery Act 2010.  We can help you conduct a risk assessment, draft policies and procedures, provide training and provide clauses to put in your contracts.

About the Author

Simon is experienced in data protection including compliance, trans-border data flows, privacy policies, cookie laws, cloud services and international issues. His experience includes advising clients in the financial services sector on trans-border privacy issues including relating to the cloud and advising clients on processing data for marketing purposes. He also advises on the IP protection and licensing of data and databases.

Simon Stokes
Email Simon
020 7814 5482

View Profile