The outcomes from HMRC’s recent consultation on its Business Risk Review (BRR) process should enable large businesses to positively influence their risk rating, providing they have the evidence to support robust tax risk management processes.
HMRC currently uses its BRR process to make an assessment of the tax compliance risk posed by the largest businesses. The outcome from this process is an evaluation as to whether the business is 'low risk' or 'non-low risk'. This in turn determines HMRC's compliance approach to that business.
HMRC recognises, however, that these binary outcomes may be over-simplistic and too restrictive, and therefore sought views on how the current system works and what, if any, improvements could be made. The responses are summarised below.
- Most (more than 80 per cent) thought the BRR could be improved and that the current low risk/non-low risk distinction was too narrow and should be extended to provide three to five risk ratings.
- The majority considered that to be classified as low risk, a business should be expected to fulfil the requirements the OECD has outlined for an effective tax control framework (‘TCF’) or have similar controls in place.
- The BRR should take into account other evidence of tax risk governance such as that supporting senior accounting officer (SAO) certification.
- There should be clear advantages and disadvantages of achieving a particular tax risk classification.
The impact of the consultation responses
In light of the responses, HMRC accepts that:
- there should be a series of risk categories that clearly distinguish between low and high risk; and
- a new enhanced BRR process should take more account of the tax risk management work already required of large businesses, such as SAO provisions and the publication of tax strategies.
HMRC will undertake a pilot, using a new version of the BRR reflecting the key findings of the consultations. The enhanced BRR will be rolled out in 2019/20, subject to the pilot delivering the desired outcomes.
Implications for business
The consultation responses suggesting that the BRR should reflect existing evidence of tax risk governance are likely to reflect the views of businesses with well-developed and documented tax risk control frameworks. HMRC’s acceptance of this suggestion is hardly a surprise, as it reflects its desire to rely on businesses’ efforts to manage tax compliance risk and thereby afford them a ‘light touch’ approach. It also reflects the approach increasingly taken in practice, whereby evidence is requested by HMRC to demonstrate how the senior accounting officer got comfortable when certifying that a business’ tax accounting arrangements are appropriate.
How to respond
Those companies that do not have well developed and documented tax control frameworks and processes will need to address this if they wish to avoid being rated non-low risk and better protect themselves against potential penalties should errors in returns arise.
Businesses therefore need to consider:
- how they would explain their tax risk management and compliance processes to HMRC;
- what documentation businesses have to evidence the process of tax risk identification and control; and
- how far that evidence is likely to go towards convincing HMRC that their compliance processes are effective.
If there are significant gaps or doubts, these should be addressed to put the business in the best position to respond to HMRC’s likely requests for evidence of tax risk compliance management processes.
In short, HMRC is looking for evidence of robust tax governance before it will assess businesses as low risk.
Financial metrics are no longer the only yardsticks of success. Have you also considered your non-financial reporting obligations?’
We set out the key areas you should think about in our beyond the balance sheet guide.
For more information please get in touch with Andrew Hinsley or your usual RSM contact.