The common law offence of cheating the public revenue has long occupied an unusual place in English criminal law. It is at once archaic and highly practical, rooted in eighteenth century authority and yet routinely deployed in some of the most complex modern fraud prosecutions. The forthcoming expansion of corporate criminal liability under the Crime and Policing Bill will materially change how and against whom it is used. For compliance professionals and senior managers, that shift is likely to be consequential.
This is because the boundary between individual wrongdoing and corporate liability is narrowing. Where senior managers are involved in dishonest conduct affecting tax, the organisation is increasingly likely to be in the dock alongside them. The Crime and Policing Bill amplifies the risk by expanding corporate attribution. This means it brings businesses themselves more squarely within the reach of an already powerful offence.
What is the offence of cheating the public revenue?
Cheating the public revenue (CPR) traces its origins to R v Bembridge (1783), and was given its modern articulation in R v Hudson [1956]. It survived the rationalisation of dishonesty offences in the twentieth century because Parliament chose to preserve it expressly in section 32 of the Theft Act 1968, even as the broader offence of cheating was abolished.
Its continued use reflects a simple prosecutorial logic. CPR criminalises dishonest conduct intended to prejudice HMRC, without requiring the prosecution to engage with the technical detail that often defines statutory tax offences. It is sufficient to prove dishonesty and an intention to deprive the Revenue of tax. There is no need to demonstrate an actual loss, nor a corresponding gain, and the conduct may arise through acts or omissions.
That breadth gives the offence both flexibility and force. It allows prosecutors to frame a case around the overall dishonest scheme rather than the mechanics of tax legislation. It also carries a maximum sentence of life imprisonment, which exceeds the sentencing range available for many statutory alternatives. For serious and sustained revenue fraud, CPR remains a highly effective charging tool.
Recent case law on CPR
The modern case law shows CPR being applied repeatedly in business contexts, often where the corporate structure is integral to the wrongdoing.
A central example is R v Lunn from 2017. Christopher Lunn, an accountant operating through his firm CLAC, was convicted of cheating the public revenue through a long-running scheme involving inflated accountancy fees, fabricated losses and false claims across thousands of client tax returns. The conduct spanned nearly a decade and resulted in over £6 million in evaded tax. The Court of Appeal upheld both conviction and sentence, confirming that such conduct could properly be charged as a single course of conduct rather than hundreds of individual counts.
The business failure in Lunn was not a single rogue act. Rather it was integral to how the company operated. The firm scaled rapidly, from hundreds to thousands of clients, while embedding practices that undermined the integrity of the self-assessment system. Internal controls were either absent or complicit. HMRC ultimately characterised the conduct as a “systematic attack” on the tax system.
Other cases show similar patterns in different commercial settings. In the prosecution of Berkshire Education Travel Ltd and its director, the company failed to submit VAT returns over a prolonged period, diverting funds for personal use. Both the company and the individual were convicted of cheating the public revenue and money laundering, with custodial sentences imposed.
More complex schemes appear in VAT fraud prosecutions involving companies such as Winnington Networks Ltd, where artificial trading structures were used to offset VAT liabilities and generate fraudulent repayments. These cases, often involving multiple entities and large sums, are routinely charged as conspiracy to cheat the public revenue.
The consistent theme across these cases is that CPR is used where the conduct is sustained, organised and embedded within business activity. The offence allows prosecutors to capture the entirety of the dishonest scheme without fragmenting it into technical breaches of tax legislation.
The Crime and Policing Bill and corporate liability
The Crime and Policing Bill introduces a significant change to corporate criminal liability in the UK. It extends the “senior manager” attribution model, first developed in the Economic Crime and Corporate Transparency Act, to all criminal offences. That includes cheating the public revenue.
Under the traditional identification doctrine, a company could only be convicted if the offence was committed by its “directing mind and will”, typically board-level individuals. This has long been a barrier to corporate prosecutions in complex organisations.
The Bill lowers that threshold. A company will be criminally liable where a senior manager commits an offence within the scope of their actual or apparent authority. A senior manager is defined functionally, as someone who plays a significant role in managing or organising a substantial part of the business. This can include finance directors, heads of tax, regional partners or other operational leaders.
Two further features are important. First, there is no requirement to show that the company benefited from the conduct. Second, there is no equivalent to the “reasonable procedures” defence found in failure to prevent offences. If a senior manager commits CPR in the course of their role, the company can be liable regardless of its compliance framework.
This represents a material expansion of corporate exposure.
What will the future direction of enforcement look like?
CPR will remain attractive to prosecutors because of its breadth and flexibility. The Crime and Policing Bill makes it significantly easier to attribute that offence to companies. The result is a likely shift from primarily individual prosecutions to routine corporate liability in serious tax fraud cases.
In a case like Lunn, the focus historically fell on the individual accountant, even though the firm was central to the conduct. Under the new framework, a similar fact pattern would make corporate prosecution far more straightforward. A senior manager within the firm orchestrating or facilitating the scheme would be sufficient to attach liability to the firm itself.
This also changes the risk profile for senior managers. Individuals operating below board level, who previously might not have engaged corporate liability, now sit within the attribution framework. Personal misconduct at that level can translate directly into corporate criminal exposure.
The absence of a compliance defence is particularly significant. In failure to prevent regimes, firms can mitigate liability by demonstrating reasonable procedures. For CPR under the new attribution model, strong compliance systems may reduce the likelihood of misconduct, though they do not provide a legal shield if a senior manager engages in dishonesty.
How might a corporate entity be charged with CPR in practice?
Imagine a mid-sized accountancy firm advises owner-managed businesses on corporation tax. Its Head of Tax, who oversees a substantial part of the firm’s work and would qualify as a senior manager, begins promoting an aggressive approach to loss relief. Over time, this shifts from arguable interpretation into knowingly false treatment, with expenditure routinely mischaracterised as deductible losses across a large number of client returns. Junior staff are directed to apply these positions consistently, and internal review processes focus on speed rather than substance. Concerns raised internally are dismissed, and no independent technical scrutiny is applied.
HMRC identifies the pattern during an enquiry and concludes that the returns reflect deliberate dishonesty rather than error or judgement. The Head of Tax is charged with cheating the public revenue on the basis that they engaged in dishonest conduct intended to reduce tax liabilities. Under the Crime and Policing Bill’s expanded attribution model, that conduct is attributable to the firm because it was carried out by a senior manager acting within the scope of their authority. The firm is therefore prosecuted and convicted alongside the individual, notwithstanding that it had formal compliance policies in place.
The critical point is that the offence turns on dishonesty embedded within business operations. Once that conduct is established at senior manager level, the firm itself becomes criminally liable, in much the same way as the underlying scheme in R v Lunn, where systemic practices within a firm led to sustained tax evasion.
The impact of Provision 29 of the UK Corporate Code
UK Corporate Governance Code requires boards of premium listed companies to make a formal declaration on the effectiveness of their risk management and internal control systems. The revised version strengthens this by expecting boards to monitor, review and report on the effectiveness of controls on an ongoing basis, not simply describe them.
That intersects with cheating the public revenue in two clear ways. First, it raises the expected standard of oversight at board level. In a scenario like R v Lunn, the underlying issue was not the absence of a business structure or client base, it was the embedding of dishonest practices within that structure over many years. Provision 29 increases the expectation that boards will identify and challenge exactly that kind of systemic risk, including in areas such as tax compliance, client handling and professional judgement. A failure to do so may not create criminal liability in itself, though it will make it harder for a company to argue that the misconduct was aberrational or unforeseeable.
Second, in the post–Crime and Policing Bill landscape, the provision becomes more relevant because of attribution. If a senior manager engages in conduct amounting to CPR, the company can be liable regardless of its policies. However, weak or ineffective controls will often be the factual backdrop that allows the conduct to occur and persist. Where Provision 29 disclosures assert that controls are effective, and the reality is otherwise, that disconnect can become evidentially significant. It may support an inference that risks were either not properly understood or not properly managed.
Firms that take Provision 29 seriously, with genuine testing of controls and meaningful board engagement, are more likely to detect and prevent the kind of systemic dishonesty that underpins CPR cases. Firms that treat it as a disclosure exercise risk creating a paper trail that is difficult to reconcile with events if misconduct later comes to light.
Mitigating risk: what effective compliance looks like
Given that CPR focuses on dishonesty rather than technical breach, mitigation requires more than tick-box compliance. It demands a broader control environment around conduct, incentives and oversight. This means effective training for senior managers as well as whistleblowing avenues where wrongdoing can be quickly exposed.
Firms should ensure that tax positions and filings are subject to independent review, particularly where aggressive interpretations or high volumes of client work are involved. Rapid growth, as seen in Lunn, is a known risk factor where controls can lag behind commercial expansion.
There should also be clear escalation channels for concerns about tax treatment, supported by a culture in which challenge is expected rather than discouraged. In many CPR cases, the conduct persists because internal dissent is absent or ineffective.
Senior managers require particular attention. Given the expanded attribution rules, firms should identify roles that fall within the “senior manager” definition and ensure that those individuals are subject to enhanced oversight, training and accountability. Decision-making in financial matters should be documented and, where appropriate, subject to peer or external scrutiny.
Without a doubt, engagement with HMRC and regulators should be approached with care. As the Lunn case highlights, inaccurate or misleading disclosures can transform a civil enquiry into a criminal investigation.
