30 September is fast approaching!
As 30 September approaches, it is worth bearing in mind the current requirements with regard to the submission of SAO notifications and certificates. As a reminder, the 30 September deadline applies as follows:
- For PLCs, those with an accounting period end date of 31 March 2014
- For all other companies, those with an accounting period end date of 31 December 2013.
The SAO provisions only apply to a qualifying company, as defined in HMRC’s SAO Guidance.
The company must notify the identity of its SAO to the Client Relationship Manager (CRM) in writing. This notification can be in any format (such as email). This requirement is an annual obligation, not only when there is a change of SAO.
Each SAO must send a certificate to state whether or not the company/companies had appropriate tax accounting arrangements throughout the period in question. If the company/companies did not have appropriate tax accounting arrangements it is the SAO’s responsibility to explain what the shortcomings were.
Please note: “hybrid” certificates that state that the tax accounting arrangements were appropriate, except for identified shortcomings or areas for improvement are no longer acceptable. Our update in April 2013 explains this further.
It should also be noted that the provision of a Certificate does not satisfy the requirement that the company should notify the identity of its SAO. The notification regarding the identity of SAO can no longer be provided on the same piece of paper as the certificate.
HMRC approach to business risk review
HMRC’s new ‘Large Business Directorate’ means that many businesses now have new Client Relationship Managers (CRMs) carrying out Business Risk Reviews. In some instances, these are building upon fairly superficial reviews that have taken place previously.
In these circumstances, it is worth revisiting HMRC’s Tax Compliance Risk Review Manual. It explains that – during such reviews – businesses are expected to show that they have clear governance and risk frameworks in place for managing tax. The manual states that while there is no single recommended corporate governance approach, HMRC sees the Committee of Sponsoring Organizations (COSO) framework as best practice. Indeed, it is notable that this framework appears to underpin the tax governance questionnaires that have been issued by a number of CRMs.
One objective of the COSO framework is to improve organisational performance and governance through establishing effective risk management and internal controls. HMRC expects good governance from the top of the organisation, plus an operational framework for implementation and finding plus managing risks.
The guidance is in line with HMRC’s recent drive to introduce more consistency and robustness in their approach to tax governance. CRMs are now expected to adopt a three key stage approach to the evaluation of the way that tax is managed:
Stage 1: Evaluating tax governance – HMRC wants to understand the governance framework within which the business manages tax compliance risk. They want to find out how this applies in practice by referring to some key business events. It should be noted here that whilst the guidance provides specific examples of such ‘events’, we have seen a number of other triggers that have led to a more detailed HMRC review. This includes the conclusion that previous business risk reviews were insufficiently robust. In particular, when revisiting previously awarded ‘low risk’ ratings, HMRC are asking businesses to evidence their tax governance framework.
Stage 2: Evaluating tax delivery - HMRC’s assessment of whether the processes and systems produce the right tax figures by reference to key risk areas; and
Stage 3: Audit testing – HMRC’s testing to confirm that the systems and processes are operating as designed. Such testing is stated to be exceptional but this does not accord with the experience of a number of clients.
What this means for the SAO certification process:
- The guidance focuses primarily upon the risk review process, highlighting how HMRC’s focus on tax governance extends beyond the relatively narrow confines of the SAO certification. However, it inevitably provides useful insight into HMRC’s expectations as to what constitutes ‘appropriate tax accounting arrangements’ for the purposes of the SAO regime.
- SAOs must therefore ensure not only that they can articulate the tax governance framework within the business, but also that this translates into the way that tax is managed each day.
HMRC updated SAO Guidance
HMRC has reworded the guidance for HMRC Customer Relationship Managers (CRM) (external link) when they come across late SAO notifications or certificates. The new wording explains that where CRMs believe there has been a late SAO notification or certificate, they must not issue a penalty or accept an excuse as reasonable without going through the standard authorisation process (external link).
This standard process involves seeking authorisation from HMRC’s ’Penalties Consistency Panel‘ which will consider whether a penalty is due or not. If the panel decide a penalty is due, CRMs must then secure approval from either a Director in the Revenue’s Large Business Directorate or an Assistant Director in Local Compliance to issue the penalty. The implication of the new guidance is that going forward CRMs cannot simply ignore SAO failures.
This update of the guidance coincides with HMRC’s appointment of 500 new CRMs as part of the creation of the new Large Business Directorate. These latest developments are in line with HMRC’s recent drive to introduce more consistency and robustness in its approach to tax governance.
In light of the more rigorous approach to the deadline reflected above, it is worth noting that 30 June is the deadline for the submissions of notifications and certificates for PLCs with a 31 December 2013 year end and other companies with a 30 September 2013 year end. Particular care should be taken to identify any PLCs within a privately owned group and to ensure that dormant companies are included.
HMRC last week updated its online SAO guidance. The key areas to note are:
1. There has been a significant increase in the level of internal procedural guidance on penalty charging for main duty failures or failures for inaccurate certificates. This includes appeal procedures and how to assess a penalty on a non-resident SAO.
We are not aware of previously-raised penalties for these failure types, but the guidance confirms our belief that HMRC intends to be more robust in future. This coincides with the recent HMRC restructuring, which should mean the same HMRC directorate deals with all SAO groups.
2. The guidance now clarifies that the company’s notification of the SAO’s identity should be provided separately from the SAO certificate.
Previous guidance suggested the notification and certificate could both be on the same piece of paper. This was as long as it included all relevant information and that it was clear the document was taking on two functions.
3. Clarification of the CRMs’ role, specifically that they are not expected to monitor certification dates for groups. However, any missed deadlines should be taken into account in the general risk review of the group.
4. New guidance on the steps that CRMs are expected to take when the SAO’s identity is not known to them before the statutory deadline. The guidance suggests that the CRM should find out who the SAO was and discuss the failure with them in more detail plus how it could affect the group’s risk rating.
5. The guidelines advise that any departures from the statutory position, e. g in relation to submission dates, must be approved at a very senior level within HMRC. This seemingly suggests a desire to introduce more consistency and to move away from the relaxed approach that has been adopted by some inspectors previously
Impact of HMRC restructuring
HMRC restructured last week, and created a new Large Business Directorate for UK companies and groups with turnover of more than £200m (estimated at around 2,000).
This replaces the Large Business Service (LBS) which dealt with UK companies and groups with turnovers in excess of £600m. It also takes the place of Local Compliance – Large & Complex (LC L&C) which included UK companies and groups with turnover between £200m and £600m.
We believe the reason behind the new directorate’s creation is to provide greater consistency of treatment, particularly in areas such as:
- HMRC risk reviews
- Senior Accounting Officer discussions
- Risk ratings
- Decisions on issues to be taken up for enquiry
Previously, there has been concern that businesses at the top-end of LC L&C in terms of size and complexity may have faced more HMRC scrutiny than bottom-end LBS businesses. This re-organisation by HMRC is intended to address that ‘cliff-edge’ issue.
As a result, we are currently seeing many changes in customer relationship management (CRMs). This could be a risk particular area where a business has had little (or no) contact with their CRM, and CRM change may bring a significantly different approach.
Is HMRC expanding its approach to tax governance?
There has been an interesting development recently which suggests that HMRC is beginning to expand its approach to tax governance. A number of our clients have received a targeted governance questionnaire as part of HMRC’s annual Business Risk Review (BRC). The questionnaire aims to identify the policies and procedures through which large businesses manage tax. This will clearly affect the business’s risk rating and illustrates HMRC’s expectations regarding what constitutes an appropriate tax control framework.
While it is still uncertain whether this approach will be introduced wholesale, the questionnaire shows that – in practice – HMRC is beginning to apply principles developed under SAO on a wider basis to encompass all tax risks, not just those covered by the SAO legislation. It means that HMRC expects large businesses to:
- be able to explain how they manage all their tax risks, not just those that fall within SAO
- have supporting documentation which demonstrates their overall business tax strategy
- have appropriate processes in place for the ongoing identification and management of tax risks
- monitor relevant policies and procedures to ensure that they remain fit for purpose and are implemented effectively
Groups should therefore consider whether their tax risk control frameworks are sufficiently robust to satisfy HMRC‘s apparent expectations.
Please email us if you would like to receive more information about this change in HMRC’s approach.