HMRC has charged Bennett Verby Ltd, a Stockport accountancy firm, with failure to prevent the facilitation of UK tax evasion under s.45 Criminal Finances Act 2017. Six individuals, including a former director, were also charged in connection with alleged R&D tax credit repayment fraud. The defendants appeared at Manchester Crown Court on 7 August 2025; a provisional trial is listed for 27 September 2027.
This is the first corporate case under the Corporate Criminal Offences (CCO) regime, but it won’t be the last. It lands just after the Failure to Prevent Fraud (FTPF) offence took effect on 1 September 2025, putting the entire “failure to prevent” toolkit under a brighter spotlight.
No longer a ‘paper tiger’
For years, critics called the CCOs a ‘paper tiger’. That line no longer holds. A first prosecution lowers the practical bar for the second and third, and it will shape how “reasonable prevention procedures” are assessed in court. Combined with a freshly assertive enforcement posture (self-reporting guidance, joint prosecution guidance, whistleblowing focus), boards should expect more corporate cases, not fewer.
What prosecutors will look for
Under both CCO (tax evasion) and FTPF (fraud), organisations have a defence if they had reasonable prevention procedures. In practice, that means you can evidence the following, proportionate to your risks:
- Top-level commitment – clear ownership, resources, board minutes.
- Risk assessment – current, documented, and specific (e.g., R&D incentives, introducers, commission models, relief schemes).
- Proportionality of procedures – onboarding and monitoring of agents/contractors; approvals and segregation for claims/credits; data checks against abuse typologies.
- Due diligence – risk-based, escalated where incentives or high-risk products exist.
- Training & communication – role-specific, assessed, and auditable.
- Monitoring & review – periodic testing, fixes, and lessons learned logged.
If you can’t show it, you don’t have it.
Immediate actions for boards and GCs
Here’s a 90-day board-level plan to turn intent into auditable practice, converting policy into defensible evidence, closing gaps, and reducing exposure under the CCOs and FTPF.
- Re-cut your economic-crime risk assessment. Bake in tax-evasion and fraud typologies tied to R&D claims, reliefs, introducers and sales incentives.
- Tighten third-party management. Refresh due diligence and ongoing monitoring for agents, referrers and contractors; escalate enhanced checks where benefits flow.
- Close the training gap. Deploy targeted CCO/FTPF training for finance, sales, tax, BD and anyone interacting with reliefs/claims. Capture completions, scores and attestations.
- Evidence tone from the top. Update policies, allocate budget, record approvals and oversight.
- Strengthen speak-up and investigation playbooks. Make reporting easy; align triage, preservation and self-reporting to regulator expectations.
- Prove monitoring. Log control tests, remediation, and re-tests: your audit trail is part of the defence.
What good looks like (practically)
The following elements show what a defensible CCO/FTPF programme looks like in practice.
- Single framework, multiple risks. Integrate tax evasion, fraud, bribery and AML into one control suite so overlaps are managed and gaps are obvious.
- Role-based learning paths. Finance/tax teams get deeper modules and case-based scenarios; client-facing teams get red-flags and escalation routes.
- Data-driven oversight. Use dashboards to track training, attestations, exceptions and investigations in one place so that you’ll be able to answer the “show me” question instantly.
Train your staff on failure to prevent
Deploy role-specific CCO (tax evasion) and FTPF (fraud) training with assessments and attestations, then keep an auditable trail of completions, scores and policy sign-offs.
Start here
- Failure to Prevent Fraud training, including our new interactive fraud eLearning
- Failure to Prevent Tax Evasion (CCO) training
- Track risk assessments, due diligence and attestations in Omnitrack.
