New HMRC guidance: managing your Labour Supply Chain compliance risks
How do your Labour Supply Chain risk management processes and controls compare with HMRC’s expectations?
How do your LSC risk management processes and controls compare with HMRC’s expectations?
HMRC have published detailed new guidance: ‘Help with labour supply chain assurance’, on strengthening processes and controls for identifying, mitigating, and reducing tax, social security and other Labour Supply Chain (LSC) compliance risks. As well as highlighting common issues that HMRC uncover during their enforcement activities, the new guidance sets out a framework of principles and practices, including examples of what HMRC consider to be best practice, that organisations should consider adopting to ensure robust management of compliance risk in their LSCs.
Importantly, in the new guidance HMRC state that organisations should read the new guidelines and consider how their current systems and processes compare.
This effectively sets minimum compliance standards that HMRC expect to see. Organisations should therefore measure their current processes and controls against the new guidance, take any necessary steps to strengthen their approach, and where relevant disclose and correct any compliance errors identified.
Given the clear expectations set by the new guidance, organisations that fail to do so might be viewed by HMRC as failing to take ‘reasonable care’, which might result in higher penalties should any compliance errors arise. In addition, potentially significant reputational damage could create a broader commercial risk should failures to secure an organisation’s LSC be identified.
This article summarises key aspects of the new guidance and what organisations should now consider.
Why have HMRC published new guidance?
LSC compliance risk has been a significant area of focus for HMRC.
In addition to complex rules and evolving case law, making compliance in some areas inherently challenging (e.g., Off-Payroll Working (OPW) and National Minimum Wage (NMW)), complex LSCs can be targeted by parties who are intent on exploiting workers and undercutting compliant competitors by deliberate non-compliance with their tax, social security and employment law obligations.
Whilst HMRC recognise that responsible organisations do have assurance systems and controls in place, based on their experience of monitoring, investigating and enforcing LSC compliance, HMRC have found that end-clients do not always have a good understanding of the chain between the labour supplier and the workforce they provide, and this can present opportunities for non-compliance.
HMRC’s new guidance on LSC assurance has been published to help organisations understand what HMRC consider to be good practice. It is part of HMRC’s ‘Guidelines for Compliance’ series, which is designed to help organisations understand HMRC’s expectations and avoid non-compliance.
Though extensive – a printout runs to around 90 pages – the new guidance is not exhaustive. Instead, it is intended to be used alongside other HMRC guidance on specific tax risks (e.g., OPW compliance or working with umbrella companies). Additionally, as the compliance risks each organisation faces are determined by specific features of their own LSCs, which may change over time, the new guidance sets out principles to be considered and applied in light of each organisation’s own circumstances, rather than a prescriptive checklist to be followed.
Individuals with responsibility for managing LSC compliance risk will therefore need to determine how best to apply HMRC’s new guidance to their organisation’s specific LSCs processes and controls to ensure they can demonstrate that they take reasonable care to assure their LSC.
What does the new guidance cover?
Topics covered by the new guidance include:
- HMRC’s recommended approach to LSC assurance: which sets out principles and practices that organisations can employ to strengthen LSC risk management (including examples of due diligence checks and information that can be used to assess risks);
- Steps to take when contracting: aimed at procurement, HR, finance teams, as well as tax teams, this section sets out HMRC’s recommendations for incorporating robust risk management at key stages in LSC contracting;
- Understanding LSC risk: this part of the guidance outlines relevant risks and the impact if organisations fail to take steps to ensure compliance through the LSC – including potential reputational damage and competitive disadvantage;
- Tax and other compliance risks: these sections highlight the main tax and payroll compliance risks HMRC see in practice (including OPW, NMW, the Construction Industry Scheme (CIS) (see our previous coverage of HMRC CIS initiatives), VAT self-billing arrangements, and disguised remuneration tax avoidance schemes as well as other compliance risks (such as in environmental law and environmental taxes compliance); and
- Enforcement action and financial impacts: in addition to interest and potential penalties for late payment of tax and social security liabilities, this section discusses the possible application of anti-fraud measures, such as the denial of input VAT and the Corporate Criminal Offence of facilitating tax evasion, where LSC assurance failures arise.
What should organisations do now?
Organisations should compare their current LSC assurance processes and controls to HMRC’s new guidance to identify any improvements that might be required. Specific questions that HMRC suggest organisations ask themselves include:
- What LSC risks are our biggest concerns and how far do current assurance practices mitigate these?;
- Do we know what risk indicators to look for when assessing the LSC?;
- How often do we check whether there have been any changes in the LSC and reassess risk during the duration of contracts?;
- Do we have visibility through the whole LSC to our workforce?;
- How do we verify that suppliers are assuring the LSC, between them and the workforce, on our behalf?;
- Do our staff have appropriate training to identify and report any potential LSC issues?; and
- Who is making employment status decisions (for tax, social security, and employment rights purposes) within our organisation?
Organisations must be satisfied they could demonstrate to relevant stakeholders (including the workforce, suppliers and investors, as well as HMRC) that their LSC compliance risk management is robust and fit for purpose. Any compliance errors identified should be disclosed and settled with HMRC without delay.
In future reviews of processes and controls for managing LSC risk, or for managing compliance risk for any aspect of the LSC such as OPW, CIS or NMW, HMRC might require evidence that their new LSC guidance in GfC12 has been considered and either that changes were made to strengthen the organisation’s arrangements, or that existing arrangements were sufficiently robust. If this is not available, HMRC might consider that ‘reasonable care’ has not been taken when assessing any potential penalties should any non-compliance be identified.
Please contact the authors, or your usual KPMG in the UK contact, to talk through what HMRC’s new LSC guidance means for you.