Following stinging criticism that the United Kingdom’s approach to tackling financial crimes wasn’t working, new legislation will come into force at the end of September which will see corporations face the risk of an unlimited fine and a criminal conviction if any employee or “associated person” working on their behalf facilitates tax evasion.

Under the terms of the U.K. Criminal Finances Act, which comes into effect on 30 September, global institutions with a U.K. presence could be subject to U.K. criminal proceedings if an employee anywhere in the world—including agents or sub-contractors acting on the organisation’s behalf—is found guilty of facilitating tax evasion. And lawyers warn that “facilitation” is “widely defined.”

The legislation is a response to the conclusions of a national risk assessment from October 2015 that found that the United Kingdom needed a reformed supervisory regime, a more robust law enforcement strategy to combat money laundering and terrorist financing, as well as a stronger international reach to tackle financial crime—both through extra-territorial legislation and by building stronger international partnerships.

The Act introduces two new corporate offences: one for failure to prevent facilitation of U.K. tax evasion, and the other for failure to prevent facilitation of foreign tax evasion (so long as the underlying evasion is an offence in both countries). There are three stages to the offence: tax evasion by a taxpayer (either U.K. or non-U.K.); criminal facilitation of this offence by an “associated person” of the organisation; and failure by the organisation to prevent an associated person from “facilitating.” No criminal intent, knowledge, or condemnation by senior management is required and, if organisations are found guilty, they face an unlimited fine.

The legislation also introduces a new mechanism designed to deal with proceeds of crime. Known as “unexplained wealth orders” (UWOs), individuals or companies will have to explain the origin of assets that appear to be disproportionate to their known income in order to rule out any suspicion of serious crime.

Up until now, unless it could be proved that senior management were actively involved in facilitating tax evasion (or knowingly turned a blind eye), the U.K.’s record of successfully prosecuting such cases has been poor. But these new offences circumvent this requirement by making businesses guilty of an offence where a person acting for them—either as an employee or as an agent or contractor—is involved.

“What is made clear by the HMRC guidance in respect of risk is that any company dealing with offshore matters is considered ‘high risk’ and therefore it is abundantly clear that policies must be tailored as such,.”
Amy Shaffron, Solicitor, Byrne and Partners

While banks and advisory firms that help big companies and wealthy individuals evade tax are the primary targets, any company in any industry sector has potential exposure to the legislation. Furthermore, investigations will be proactive. The U.K.’s tax regulator, HM Revenue & Customs (HMRC), has said that it will investigate these new offences, particularly where U.K. tax evasion is suspected.

The punitive measures contained within the Act have not been lost on many lawyers and compliance experts, and most expect the legislation to achieve a strong deterrent effect. Chris Laws, head of product development, compliance, and supply at credit rating agency Dun & Bradstreet, says that “the requirements of the U.K. Criminal Finances Act mean it’s more important than ever for companies to have full visibility of their relationships with suppliers, partners, and any third party involved in their operations. Although tax evasion has always been an offence, the new legislation makes it easier to hold organisations to account and ignorance is not a valid line of defence.”

Under the new rules, businesses will have a defence if they can prove they had put in place “reasonable” compliance risk mitigation procedures—though the HMRC’s newly published guidance, Tackling tax evasion: Government guidance for the corporate offences of failure to prevent the criminal facilitation of tax evasion, warns that the prevention procedures that are considered reasonable will change as time passes. “What is reasonable on the day that the new offences come into force will not be the same as what is reasonable when the offence has been in effect for a number of years,” it says.

The government accepts that some procedures (such as training programmes and new IT systems) will take time to roll out, especially for large multinational organisations. As a result, HMRC says that it will “take into consideration” the prevention procedures that were in place and planned at the time that the facilitation of tax evasion was committed.

To help companies comply with the new rules, the HMRC has proposed six key principles that organisations should aim to follow (they reflect the Ministry of Justice Guidance on Adequate Procedures in Bribery Matters). Experts say that these are a good starting point for companies tackling compliance with the new act.

For example, the guidance says that organisations should conduct a full risk assessment at a country, sector and transactional level—particularly those companies involved in financial, legal,m or tax services, which are considered “high risk” in this context, but adds that these actions should be “proportionate” to the level of risk and size of organisation.

PROPORTIONALITY OF RESPONSE

Below is a look at considerations for “proportionality” of response to the requirements of the Criminal Finances Act.
In keeping with the United Kingdom’s tradition of “principles, not rules”, the Criminal Finances Act requires companies to consider a “proportionate” risk management response to the legislation’s requirements. The recent published HMRC guidance provides some useful risk factors that compliance professionals and their organisations should consider to get a better “feel” of what they should be doing. They include:
1: Opportunity - could someone facilitate tax evasion?
Do any associated persons have the opportunity to facilitate client tax evasion?
Is their work subject to monitoring or scrutiny, for example a second pair of eyes?
How likely is detection of any facilitation?
2: Motive – why could it happen?
Does the reward and recognition system and corporate culture (including sanctions and penalties) incentivise or dissuade potential criminal facilitation of tax evasion, or whistle-blowing when tax evasion is uncovered?
What are the consequences of wrong-doing?
3: Means – how could it be done?
What means of criminally facilitating tax fraud do your associated persons have?
Are there particular products, services or systems that could be open to abuse and used to criminally facilitate tax evasion?
Do those in high-risk roles receive regular fraud training and how vigorously is compliance with training evaluated or monitored?
—Neil Hodge

The HMRC also says that organisations should have a robust due diligence process to check all associated persons involved in their operations and supply chain, as well as have effective training and communications in place so that all relevant employees and contractors are aware of the legislation and the standards of behaviour that the company expects. Furthermore, organisations should conduct continuous monitoring and review procedures and practices to ensure ongoing compliance. And last—but not least—there should be evident senior leadership sponsorship and commitment to compliance.

But the problem remains that while the punishments under the Act are prescriptive (unlimited fines and potential criminal convictions), the details regarding how companies ought to comply are not, which means that compliance functions need to check as soon as possible whether their organisations have suitable controls and reporting systems in place, and assess just how badly they could be exposed.

Patrick Craig, regulatory technology leader for EMEIA financial services at professional services firm EY, says that the first step that organisations should undertake is to “act rapidly to demonstrate a clear commitment to compliance,” starting with a risk assessment to identify their exposure to facilitating tax evasion and to assess the applicable control environment. “Compliance officers must also secure top-level commitment, develop an initial communication plan, and create an implementation strategy for tackling the risk in a proportionate and timely manner going forward,” he says.

Craig believes that the new legislation “provides an opportunity to revisit third-party due diligence and monitoring approaches” to get a clearer view of customer and supplier data and the source of funds. As the HMRC guidance recommends a “proportionate” approach to monitoring and compliance, each individual firm will need to make changes based on the results of its own risk assessment. He adds, however, that the majority of organisations will need to raise awareness through communications and training to “associated persons,” including employees and third parties, which may be a lengthy process depending on the size and sophistication of the organisation and supply chains. Firms should also assess whether changes are required to policies and procedures and redraft as necessary, he says.

Amy Shaffron, a solicitor at law firm Byrne and Partners, also believes that organisations need to conduct proper risk assessments straightaway. “What is made clear by the HMRC guidance in respect of risk is that any company dealing with offshore matters is considered ‘high risk’ and therefore it is abundantly clear that policies must be tailored as such,” she says.

“It is essential that an effective and comprehensive risk assessment is conducted as a matter of urgency by the company and that the initial focus should be driven toward the areas that are considered to be the highest risk. Any procedures adopted should be placed under continuous monitoring and review and be actively endorsed from top-level management,” says Shaffron.

Some experts point out that the introduction of UWOs will require organisations to conduct more thorough checks. Tim Parkman, managing director of Lessons Learned, a corporate integrity, ethics, and compliance training provider, says that the creation of UWOs “reinforces the responsibility of financial institutions to accurately identify and verify their clients’ wealth and sources of income, as well as be rigorous in identifying and reporting inconsistencies between their clients’ apparent assets and known wealth.”

Parkman says that organisations may need to review due diligence procedures to ensure their provisions for establishing sources of wealth are sufficiently robust, as well as audit client records to ensure that sources of wealth have been accurately and reliably documented. Furthermore, he says, financial institutions may need to reinforce staff awareness and understanding of the importance of obtaining good quality information on sources of wealth.

The new legislation, however, may not be too big a compliance headache for everyone. While organisations will evidently have to assess their exposure to the risks inherent under the new Act, some experts believe that many companies will already be well-prepared and well-equipped to meet the demands of the legislation.

Justin du Rivage, a consultant at global regulatory and financial crime, risk, and compliance company Exiger, says that while the legislation poses a new compliance challenge for financial institutions, accountancy firms, law firms, asset/wealth managers, trustees, and company formation agents, most of the regulated sector already has procedures in place to identify customer tax evasion that could address the Act’s “failure to prevent” requirements.

Also, in addition to third-party due diligence, banks have already developed programmes that promote tax transparency, he says. These initiatives include complying with the Foreign Account Tax Compliance Act (FATCA), which requires organisations to report the assets of their U.S. clients to the U.S. Treasury, and the OECD Common Reporting Standard, which shares information about assets and incomes between jurisdictions.

“Such procedures would likely form the backbone of any financial institution’s reasonable procedures defence and should go some way to reducing compliance costs,” says du Rivage.