Skip to main content

Corporate Criminal Offences (CCO) – Are you compliant?

The Criminal Finances Act 2017 introduced a new ‘Corporate Criminal Offence’ (CCO) of failing to prevent the facilitation of tax evasion. It applies to all companies, and partnerships too, no matter how big or small, and it gives HMRC the power to levy unlimited fines and name and shame non-compliant businesses.


Since its inception, it has had quite a low profile and flown somewhat under the radar, initially with an unofficial soft landing period, and then with the COVID-19 pandemic shifting focus. With that all behind them, is HMRC about to get serious about policing this?

So, what is Corporate Criminal Offence all about, and what does ‘failure to prevent the facilitation of tax evasion’ actually mean?

What is a Corporate Criminal Offence?

Key to the Corporate Criminal Offence is the concept of an associated person.

A company itself can’t actually do the facilitating themselves but it is the persons associated with that company that do the facilitating.

These could be employees, but could also be agents or suppliers.

An example of a Corporate Criminal Offence being committed could be knowingly using a supplier who should be VAT registered but isn’t charging VAT, or agreeing to treat a worker as outside of IR35 when they should be inside (or not undertaking an employment status check where required to do so).

Is it just employees who are affected? Can suppliers also commit a Corporate Criminal offence?

It isn’t just employees, however, as suppliers could be involved too and this is where it gets tricky.

For example:

A business, Company A, might have a supplier, Company B, who for example provides them with construction services.

They engaged with Company B because they got a cheap price but didn’t properly undertake due diligence when they took them on – they just wanted to sign the deal before Company B changed its mind!

If Company B subcontract some of the work they do for Company A to a third party subcontractor but doesn’t properly apply the Construction Industry Scheme, then Company A could be committing a Corporate Criminal Offence and opening itself up to potentially unlimited fines.

In these circumstances illustrated in the example above, knowing and understanding your business’s supply chain is critical to effective compliance.

How does a business limit the risk of committing a Corporate Criminal Offence?
Unfortunately, just having a policy in place is very unlikely to be an adequate defence.

There are six key steps HMRC look for a company to have undertaken to ensure an adequate defence against committing a Corporate Criminal Offence:

Risk Assessment

This is always the starting point. Until you understand what your risks are, you can’t take steps to mitigate them.


Following on from a risk assessment exercise, a business should adopt reasonable procedures proportionate to the risk.

Top Level Commitment

There should be buy in from top level management such as the CEO or managing director indicating the importance of complying with the business’s CCO policy & procedures

Due Diligence

When taking on suppliers, agents or other associated persons, it is important that proper due diligence is undertaken to understand how they will impact the business’s own risk.

Communication and Training

It is no good just having a policy and procedures if no one understands them, knows what to look out for or what to do if they encounter a potential facilitation of tax evasion situation.

Good training will ensure all relevant employees will have a decent understanding of CCO and help keep the organisation compliant

Monitoring and review

It is important to monitor and update any procedures as necessary, and for periodic risk assessments to be made to identify changes to the risks faced by the business.

If a business has worked through and applied each of the above steps, it should have a robust defence against any CCO enquiries.

Even if HMRC doesn’t come knocking on your door to enquire into potential CCO breaches, your business could be impacted in other ways including being raised as an issue during a Due Diligence review on sale of the business, looking to gain accreditation from industry bodies, or even if you are tendering for work from big business or public sector organisations.