Criminal Finances Act – reasonable procedures checklist

Tax evasion banner

Are your staff aware of the reasonable procedures under the Criminal Finances Act?

The Criminal Finances Act, which came into force in September 2017, introduced the requirement for businesses to have reasonable procedures to prevent the facilitation of tax evasion. If you do not feel that your organisation complies with the Criminal Finances Act, it is important to start a thorough risk assessment of all areas of your business operations. Organisations must also draw up an implementation plan that includes training on the Criminal Finances Act.

While there have been no prosecutions as yet, HMRC are currently investigating thirteen potential violations of the Corporate Criminal Offence of failing to prevent the facilitation of tax evasion. This is likely to shine a harsh spotlight on which reasonable procedures companies are failing to implement.

The reasonable procedures checklist

If you are not sure how to implement reasonable procedures, here is a short checklist:

  • Assess the nature and extent of the risk of tax evasion. What do existing procedures cover and do they mitigate the potential risk?
  • Assess internal procedures and staff reporting obligations to ensure they are adequate and fulfill obligations imposed by your regulator.
  • Deliver training to frontline staff on how to spot potential tax evasion.
  • Ensure financial teams understand tax evasion, how to spot and investigate it, and they are empowered to question frontline staff.
  • Adapt IT and secure internal communication systems to support staff in identifying and managing risk.
  • Check that procedures cover not just staff, but other associated persons.
  • Ensure corporate governance takes account of the risks and senior managers are aware of their responsibilities.

You can download a PDF of this checklist here.

VinciWorks’ training on the Criminal Finances Act

The Criminal Finances Act requires staff to be trained on tax evasion as part of a business’ reasonable procedures to prevent the facilitation of tax evasion.

The course covers:

  • The relationship between tax evasion, tax avoidance and tax mitigation
  • The social and economic effects of failing to prevent tax evasion
  • Understanding of what is meant by “reasonable procedures”
  • The penalties for committing an offence under the Criminal Finances Act
  • Red flags for spotting facilitation of tax evasion
  • Practical advice and personalised guidance to prevent facilitation of tax evasion
  • Interactive quizzes to review knowledge learnt

The course is available in two versions: a 45 minute version for management teams and a 15 minute version for all other staff.

Demo 45 minute version

Demo 15 minute version

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.