The Criminal Finances Act 2017 came into force in autumn 2017. It enshrines into law two new corporate criminal offences for corporations that fail to prevent the facilitation of tax evasion. This is modelled on the ‘failure to prevent bribery’ offence in the Bribery Act 2010.

Firms should already have met their “day one” compliance obligations, but regulatory expectations are that controls will further mature and embed over time.

What you should be thinking about:

• Risk assessment – Leveraging your existing risk assessment methodology may be advisable where you are confident in its approach, but demonstration of looking through a tax evasion ‘lens’ is critical. You should be continually refining and maturing your risk assessment, in particular considering how you apply it to overseas Group entities.

• Procedures – Risk assessment should already be driving enhancements to your procedures. But how are these being embedded and changing practice “on the ground”. Have you determined where you need to refresh due diligence in relation to clients, suppliers, contractors and employees, or have you assessed where and how transactions/payments are made, especially if offshore jurisdictions are involved.

• Staff training – Staff don’t all need to be tax experts, however you should be educating relevant staff on how to identify potential tax evasion, which is essential in protecting the firm. Identifying ‘red flags’ tailored to the nature of your operations, services and clients and coaching staff to challenge information is critical. As your framework matures, your training needs to follow suit, keeping staff up to date with regards to risks, expectations and their responsibilities.

• Monitoring and review – How do you get comfort that controls are working and that your organisation is compliant? By now you should be in a position where enhanced controls have been operating for sufficient time that you can assess their effectiveness. Regular management information, quality assurance and monitoring should be happening, with key messages being escalated to senior management. You should be critiquing how well things are working and driving change where gaps are identified.

We understand what the regulators require and are focused on helping firms satisfy this. Whether you need support with any of the matters raised above, need an independent opinion, or want to discuss any aspect of your financial crime framework, please don’t hesitate to get in touch.