Cover all the bases

Alice Kemp explains why in a case of a corporate failure to prevent tax evasion then just having a policy is not enough.

It is no secret that the government is focused on corporate accountability, and recent figures show that HMRC are serious in their drive to hold companies responsible for tax evasion. Now is the time for corporates to ensure that their regimes are robust and withstand close scrutiny.

In 2017, two new offences criminalising companies and limited liability partnerships for failure to prevent the facilitation of criminal tax evasion were introduced by the Criminal Finances Act 2017 (‘CFA’), to address the difficulties in prosecution encountered by the concept of the ‘controlling mind’. 

As at 31 December 2019, there were nine live investigations for corporate criminal offences of failure to prevent facilitation of tax evasion and a further 21 ‘opportunities’ under review, up from five in the first half of 2019. No corporate is safe with investigations under way in a broad range of business sectors and from small business to “some of the UK’s largest organisations”. HMRC’s appetite for investigation, and potentially prosecution, of the new corporate criminal offences is much greater than other agencies have shown in relation to similar corporate criminal ‘failure to prevent’ offences.

The two offences in the CFA criminalise corporate failure to prevent criminal tax evasion; domestic or foreign. Both offences are strict liability. This means that if criminal tax evasion (whether or not there is a successful prosecution) and facilitation by a person or entity associated (i.e performing services for or on behalf of) the company are proven, the defendant corporation’s guilt for failing to prevent will follow. Crucially, there does not need to have been any assent, co-operation or even awareness of the facilitation of tax evasion by the board.

Is there a defence?

Corporates may have a defence if the corporation either:

• had in place reasonable preventative procedures as was reasonable in all the circumstances; or 

• it was not reasonable in all the circumstances to expect the company to have any preventative procedures in place. 

‘Reasonable procedures’ are formulated using the following six guiding principles:

• Risk assessment: The nature and extent of the exposure to risk of criminal tax evasion of those who act in the capacity of an associated person.

• Proportionality of risk-based prevention procedures: Given the nature, scale and complexity of activities and the level of identified risk, what is appropriate given the level of control and supervision that can be exercised over associated persons?

• Top level commitment:  The ‘tone from the top’ and fostering of a culture of intolerance of tax evasion.

• Due diligence: Taking an appropriate and risk-based approach to the due diligence of associated persons and those performing services on for or on behalf of the corporation.

• Communication (including training): Communication, embedding and understanding of the policies and procedures proportionate to the identified risk.

• Monitoring and review: Documented monitoring and review, including modifications and improvements where necessary.

The ‘reasonable procedures to prevent’ defence is worded in identical terms to the defence provided in the Bribery Act 2010 and, given the age of that legislation, you would perhaps expect there to be clear guidance and judicial understanding of what is required in practice to establish that defence. Unfortunately, that is not the case. We are aware of only one case in which this issue has been considered. In R v Skansen Interiors Ltd (unreported) the defendant company was found guilty of failing to prevent bribery under section 7 of the Bribery Act 2010. It would appear that the jury in that case did not find acceptable that:

• while having policies and procedures for a number of different matters, there was no specific policy for failure to prevent bribery (despite there being clauses in the contracts in question prohibiting the exact conduct that occurred);

• there was no dedicated compliance officer, despite Skansen being described as a small company; and

• there was no evidence that staff had been trained, reminded or advised of the policies that Skansen did have in place, or that anyone had agreed to abide by them.

The latest Deferred Prosecution Agreement (SFO v Airbus SE, 31 January 2020, Southwark Crown Court, U20200108) also makes states that despite Airbus having commissioned an award-winning compliance programme and having ‘a number of written policies’, including detailed due diligence processes in place, there was no effective oversight to ensure that they were implemented. 

It is clear from the above two cases that simply having a policy is not sufficient; it needs to be bedded in, brought to the attention of associated persons, and adhered to, with clear sanctions for non-compliance.  

With unlimited potential financial penalties and strict liability, it is important that corporates do not fall foul of the new offences. Now is the time for corporates to ensure that they are well equipped to avail themselves of the ‘reasonable procedures to prevent’ defence, should HMRC come calling. No business wants to become the ‘Skansen’ of the CFA.

• Alice Kemp is an employed barrister in RPC’s Tax Disputes Resolution team. She specialises in criminal fraud investigations and litigation conducted by regulatory bodies, including HMRC and the SFO. She can be contacted on 020 3060 6527 or Alice.kemp@rpc.co.uk.