DAC6 Country Profile: UK

Register for our DAC6 email updates

UK Parliament and British flag
In light of the COVID-19 pandemic, the UK decided to defer DAC6 reporting by six months

We are publishing a series of guides on how each EU member state has implemented DAC6. The guide provides a preview to our full up-to-date country-by-country guide to DAC6.

Our next guide focusses on the UK’s implementation of DAC6.

This blog was originally published in July 2020 and was updated in February 2021.

How has the UK implemented DAC6?

Legislation Details

HMRC published the UK DAC6 legislation on 29 December 2020. The legislation is called “The International Tax Enforcement (Disclosable Arrangements) (Amendment) (No. 2) (EU Exit) Regulations 2020”. Here is the UK’s guidance on DAC6.

Taxes covered

UK legislation covers cross-border arrangements. The legislation is in line with the EU Directive, (i.e., direct taxes are in scope while indirect
taxes, customs duties or excise duties and compulsory social security
contributions are not covered), and does not include domestic arrangements or any additional hallmarks.

NOTE: The scope of DAC 6 has been amended following Brexit through the International Tax Enforcement (Disclosable Arrangements) (Amendment) (No. 2) (EU Exit) Regulations 2020 (2020 No. 1649). The UK has removed hallmark categories A, B, C and E.

Legal Professional Privilege

UK exempts from reporting those intermediaries who are protected by legal professional privilege. In the UK, this includes lawyers, in cases where the information to be reported is covered by legal professional privilege.

In cases where LPP exemptions apply, the reporting obligation shifts to other intermediaries or the relevant tax payer.

Reporting

Reporting will be made either via manual data entry or via XML file upload. Reporting will be done in English.

Penalties

For non-compliance with any part of the regulation a maximum default penalty of up to GBP 5,000 applies, unless an HMRC officer considers this to be inappropriately low. In these cases, a penalty of GBP 600 each day may be applied for an initial period. If failure continues following the initial period, a further fine of GBP 600 for each day may be applied for the period in which the failure continues.

Download full country profile

DAC6 resource page

VinciWorks regularly publishes helpful guides, on-demand webinars and articles related to DAC6. These resources are regularly updated as HMRC and other authoritative bodies update their guidance on DAC6 implementation. We will also be adding all of our DAC6 country profiles to the resource page.

You can view all of our DAC6 compliance resources by clicking on the button below.

DAC6 resource page

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.