Electronic Sales Suppression — Introduction of software standards in EPOS/MPOS systems

Question 1

Summary

Accepted Answer

Subject and scope of this consultation

Electronic Sales Suppression (ESS) is when businesses manipulate digital sales records to hide or reduce the value of transactions, lowering their reported turnover and tax liabilities.

This consultation invites views on the introduction of mandatory software standards for the Electronic Point of Sale (EPOS) and Mobile Point of Sale (MPOS) sector to tackle ESS.

Who should read this

The government welcomes engagement from any individual, business or organisation with views on how the introduction of these software standards within the EPOS/MPOS sector will impact the EPOS/MPOS industry and the businesses that use these devices. This consultation also seeks input on whether there are any alternatives which need to be considered.

The consultation is likely to be of particular interest to:

sole traders, small and medium-sized businesses in the retail and hospitality sectors
industry bodies and trade associations associated with retail and the hospitality sectors
tax professionals and advisors
EPOS/MPOS software/hardware developers, providers and resellers
representative bodies
anybody with knowledge or experience of ESS and its impact on tax compliance in the UK

Duration

The consultation will run for 8 weeks, from 23 June 2026 to 18 August 2026.

Lead official

The lead official for the consultation is Mathew Kelly of HM Revenue and Customs (HMRC).

How to respond or enquire about this consultation

Any responses or queries about this consultation should be sent to ESSpolicy@hmrc.gov.uk.

Respondents should not feel that they must respond to all the questions in this document. HMRC also welcomes partial responses, focused on the individual aspects that are most relevant to the respondent.

Additional ways to be involved

HMRC plans to conduct proactive stakeholder engagement with groups that this measure is likely to impact, including consumers, businesses, and manufacturers. We anticipate these will be a mixture of discussion and written correspondence, to allow groups to offer feedback but also understand the detail of what will be a complex and in-depth proposal.

This will be part of a process of ongoing engagement and cooperation as the measures are developed further alongside the results of the consultation, including technical consultation if required.

After the consultation

Responses to this consultation will inform any future policy proposals to tackle ESS, with any further steps announced in accordance with the tax policy-making process.

Getting to this stage

In 2013, the Organisation for Economic Co-Operation and Development (OECD) published a detailed report called Electronic Sales Suppression: A Threat to Tax Revenues. This report advised tax authorities to:

check if their legal powers are strong enough to examine and investigate Point of Sale (POS) systems
make sure staff have the skills and tools needed to check and investigate these till systems
think about making it a crime to supply, own, or use software that hides sales

HMRC looked at this report and focused on making it less attractive for people to use ESS to evade paying tax, as part of its ‘Prevent, Promote, Respond’ strategy. This led to improvements in UK tax laws.

Afterwards, the government released an initial ESS Call for Evidence on 19 December 2018, and a summary of the responses on 25 June 2020. This asked about how ESS works, how common it is, and invited ideas on how to stop this kind of tax evasion.

At the time, using ESS was not directly illegal, but giving the HMRC false information or not filing a tax return was. New rules brought in by the Finance Act 2022 (Schedule 14) created clear offences for having, making, selling, or promoting ESS tools. The powers of the Finance Act 2008 (Schedule 36) were also increased, letting HMRC get information about ESS tools from anyone involved in using, selling, or making them.

Previous engagement

The 2018 Call for Evidence investigated how common ESS was in the UK, what effect it had on tax, and how it could be stopped.

It asked for views from companies who make or supply till systems, businesses in retail and hospitality, and professional organisations. Eleven replies were received from experts in these areas, such as till system creators, suppliers, and trade groups.

These replies showed support for HMRC to bring in new steps to tackle ESS, such as making businesses register their till systems, using secure ways to store sales data, and sending sales data straight to HMRC to stop sales from being hidden.

ESS was reported as widespread in certain sectors with the most common methods to carry out ESS being deleting or cancelling sales, wrongly describing VAT items, and using extra tills when checks were being done.

The main ideas suggested were:

making it a rule for till software to meet certain standards
keeping sales records that cannot be changed
using systems that store data online straight away
following successful approaches from other countries

People also said it was important to change attitudes that accept sales suppression, give HMRC stronger powers to enforce the rules, and possibly help small businesses with the costs of following the new rules.

These suggestions helped shape later policies and laws. They are still important for the next steps in working with businesses and are a key reason for this consultation.

Question 2

1. Introduction

Accepted Answer

The government is committed to closing the tax gap and ensuring that everyone pays the correct amount of tax. All businesses must make a fair contribution to support our vital public services. In support of this commitment, the government is exploring further options to tackle ESS.

ESS is where businesses alter digital sales records to underreport transactions and reduce tax liabilities. Businesses, particularly high street businesses, may use illegal software or misuse system features to hide sales, resulting in lost public revenue and unfair advantages for non-compliant firms.

The government is deeply concerned at the effect that ESS has on law abiding businesses on the high street and strongly supports action to defend the high street from those who would cause real harm.

At Autumn Budget 2025, the government announced various initiatives and measures to clamp down on fraud and evasion on the high street to protect the revenue which funds our public services.

HMRC conducted a Call for Evidence on ESS in 2018. Respondents widely recognised ESS as a common tax evasion method, especially in sectors like small retailers, takeaways, and hospitality. There was also feedback that some businesses (users) asked EPOS providers to add ESS features to their systems.

To tackle this issue, respondents supported more robust controls to reduce the prevalence of ESS. They wanted HMRC to:

prevent data tampering and reduce sales suppression through encrypted transaction logs
explore HMRC certification or registration of EPOS systems

Most respondents noted that while technological solutions offer promise, they come with a potential financial burden on businesses needing to update systems at the same time they are also making changes to comply with the government’s Making Tax Digital requirements. It was also made clear that addressing the behavioural causes of ESS was essential, whilst also reducing the potential cost to businesses.

Since then, the government has introduced improved legislation to tackle making, promotion, selling, and use of ESS tools. This legislation supports HMRC’s ‘Respond’ strand of its compliance strategy. The government is committed to tackling high street threats and levelling the playing field for the compliant majority.

HMRC aims to complement its ‘Respond’ compliance strategy by strengthening its efforts to prevent fraud before it happens. The measures outlined in this consultation will target ESS through upstream compliance, which work alongside enforcement actions to improve efficiency, ensure accurate tax payments and deliver value.

The role of HMRC

The money HMRC collects — £858.9 billion in 2024 to 2025 — pays for the schools, hospitals, police and other essential services the nation relies on, as well as the armed forces and security services that keep the nation safe.

The best way to help individuals and organisations get their tax right is through the design of the tax system — which is why HMRC’s compliance strategy is focused around 3 approaches:

preventing non-compliance through well designed policies, processes and services
promoting compliance through education and customer support
responding robustly to non-compliance when it happens

Using cutting-edge data analysis, HMRC identifies risks to compliance and designs tailored, targeted and proportionate interventions to address them.

HMRC is focusing on preventing problems before they occur and reducing the number of cases which need to be investigated by compliance officers — this known as upstream compliance. This makes it easier for taxpayers to get their tax affairs right and allows HMRC to focus resources where it can make the most difference.

Currently HMRC’s compliance approach to ESS has been through traditional compliance checks, which due to the complex and hidden nature of ESS have not always been effective, and at times can prove lengthy for the customer and HMRC. As such this consultation seeks to introduce measures which streamline and improve the effectiveness of HMRC’s response, making the process as efficient as possible.

Most customers get their tax right and pay the correct amount. HMRC supports honest taxpayers whilst making it hard for dishonest taxpayers to cheat the system and gain an unfair advantage. In line with the HMRC Charter, HMRC strives to treat all customers fairly and with professionalism.

The consultation

This consultation seeks to gather views on the potential measures that HMRC could introduce to target ESS.

The government believes that strengthened controls in the EPOS/MPOS sector have the potential to dramatically reduce the incidence of ESS, provide clear expectations to businesses and industry, and ultimately increase trust in HMRC’s ability to detect and investigate serious tax evasion.

The government is therefore undertaking a consultation to understand more about:

how the sector has changed since the previous Call for Evidence in 2018
how software standards could be introduced within the EPOS/MPOS sector to mitigate the impact of ESS
what opportunities and challenges introducing software standards would bring
what impact the introduction of software standards would have on tax evasion
how the POS industry could contribute to the development and implementation of any measures

Question 3

2. Electronic Sales Suppression

Accepted Answer

What is Electronic Sales Suppression

ESS is when businesses manipulate digital sales records to hide or reduce the value of transactions, lowering their reported turnover and tax liabilities. This can be done by using illegal software designed for tax evasion or by misusing legitimate system features to exclude sales from accounts.

This tax evasion results in a loss of money for public services and has the potential to give non-compliant businesses an unfair market advantage over their competitors.

ESS case study

HMRC investigators found that a business had been evading tax on its retail sales but were not able to establish how the evasion was occurring. Deepening the enquiry, EPOS specialist investigators were able to establish that hidden functionality existed within certain versions of the software, which allowed the owners of the business to alter the value of items sold within the system data at a later point.

The owners used these functions to replace high value items sold with lower price items, with the subsequent audit trail reports reflecting the lower amounts. The function was automated and could change the details in bulk and at speed at the press of a few buttons on the terminal, rather than having to edit each instance manually.

What is an EPOS system?

An EPOS system is a technological solution that helps businesses manage daily operations by recording sales, payments, stock, receipts, and other financial data in real time. These systems support accurate record-keeping for business management and tax compliance. Currently, there are no mandatory standards for EPOS or MPOS systems in the UK, although many providers support the idea of introducing such standards, as is seen in other countries such as Austria, Germany and Norway.

Many countries have introduced the mandatory use of EPOS systems to generate and preserve sales data from cash transactions for tax compliance purposes. 16 of the 37 OECD countries have taken this approach, with 5 of these also requiring automated transmission of this data to their tax authorities.

Increasing use of card and digital payments

Several organisations have conducted research and published findings into the increase in use of card payments and the reduction in cash transactions within the UK. The British Retail Consortium (BRC) examined payment trends among retailers in its 2024 Payments Survey. The BRC’s data showed a similar decline in cash usage (53% in 2013 down to 15% at its lowest point in 2021), although the data showed a small recovery in cash usage to 20% in 2023. The data suggested that the overall decline was driven by a move to card payments, with debit cards being used in 32% of retail payments in 2013, and 62% of payments in 2023.

As an EPOS system is required to make a card or digital payment in a retail setting, any increase in the use of these methods would contribute to greater numbers of EPOS systems which increases the risk of ESS being conducted.

ESS and tax evasion

In recent years it has become apparent through HMRC’s operational activities in combatting ESS, that certain individuals and businesses in EPOS/MPOS supply chains are developing or modifying POS systems to deliberately suppress sales to facilitate tax evasion. The sectors where this is most prevalent is consistent with the feedback from the 2018 Call for Evidence, meaning small retailers, takeaways and hospitality.

The business population estimates for the UK and regions 2025 by the Department of Business and Trade (DBT) published in 2025 indicates that of the 5.7 million private businesses in the UK, there are approximately 547,000 retail and wholesale businesses.

In previous years HMRC has calculated the risk resulting from ESS, with a report in 2016 into a specific form of ESS indicating it could be responsible for £100 million of tax losses, and a separate report in 2019 looking at a broader picture concluding that the risk of VAT losses alone could be in excess of £450 million a year.

The National Audit Office (NAO) published the Tackling Tax Evasion in High Street and Online Retail Report in 2024, which noted that HMRC estimates that compliance yield from its work on ESS increased from £17 million in 2022 to 2023 to £98 million in 2023 to 2024, due to increased focus and casework (from 253 cases to 1,275). The stakeholders interviewed had mixed views on whether HMRC’s enforcement action is adequate. This included, for example, positive views about HMRC’s approach to tackling suppliers of ESS technology, and concerns about the extent to which HMRC pursues businesses that appear to be using ESS to reduce their tax liability.

In the 2023 to 2024 tax year HMRC estimated that the small business tax gap had grown to £28 billion, representing 60% of the overall tax gap of £46.8 billion. The small business evasion component, which is the deliberate and illegal act of hiding or misrepresenting income or activities to dodge paying the tax that is lawfully due; has grown to £5.2 billion (up from £4.6 billion in 2022 to 2023).

As previously highlighted, HMRC’s approach to ESS is centred on the ‘Respond’ strand of its strategy, which involves detailed technical enquiries and using new legislation to deter fraudulent activity. While this method requires specialist resources, the introduction of enhanced measures and updated legislation is expected to bolster HMRC’s capabilities, enabling more effective and efficient investigations. HMRC is committed to developing and improving its strategies to tackle ESS, including exploring ways to prevent till fraud before it occurs, thereby strengthening both preventative and responsive actions within its overall framework.

Updating this legislation to introduce software standards is essential to improve the ability of HMRC to investigate these cases and reduce the opportunity for businesses to conduct ESS.

This operational experience suggests that ESS continues to grow, although the scale of evasion is difficult to calculate given the concealed nature of this evasion activity. The government is committed to strengthening its measures to limit and disrupt ESS, while simultaneously improving its existing compliance response.

As there are over half a million business in the highest risk sectors for ESS, an approach based on one-to-one interventions and investigations is not sustainable or practical. An approach must be developed which prevents fraud from occurring in the first place, allowing HMRC to target its resources towards those who continue to persist with evasion in the most serious forms.

By implementing mandatory software standards which prevent ESS, the government aims to make it harder for those who seek to carry out tax evasion, and level the playing field for the compliant majority.

Some ESS case studies are provided in Annex C.

Question 1: Are you aware that EPOS/MPOS systems can be modified to alter the audit trail? In your experience, how?

Question 2: How has the threat posed by ESS changed since 2018 either in the UK or Internationally?

Market changes

Since the previous Call for Evidence, the market for EPOS and MPOS systems has changed significantly. There are now a range of low-cost systems available making the operation of an EPOS or MPOS system viable for even the smallest businesses.

Question 3: Please provide your views on how ESS technology is marketed, promoted and sold?

Question 4: What effect has the recent proliferation of MPOS systems had on your business?

In addition, advances in accounting software and integration have meant that linking EPOS/MPOS systems to automatically record sales within accounting software is becoming easier and more accessible.

The government is concerned that as technological solutions have become more available and accepted, the risk of those systems being used for ESS has grown. The government is interested in improving our understanding of how the increasing accessibility of technology is facilitating ESS and how modern data encryption and transaction blockchain technology can be used to prevent and deter tax evasion by ESS.

Question 5: Do you agree that the advances in technology seen in the EPOS/MPOS sector have made it easier to carry out ESS, if so, how?

Question 6: What trends or innovations within the EPOS/MPOS sector do you think will have the largest impact over the next 5 years?

The legislative position

The government has always been able to penalise the act of tax evasion but until recently there was no specific offence related to possessing ESS tools or facilitating the use of them. New powers and penalties were introduced in Finance Act 2022 to help HMRC tackle ESS by making the possession, making, supply, or promotion of ESS tools an offence.

This legislation titled Finance Act 2022, Schedule 14:

clearly defines what an ESS tool is so the government can be clear when someone is committing an offence
enhances existing information and inspection powers to obtain information about ESS tools and those involved with them
introduces new penalties to penalise those who possess, make, supply or promote ESS tools

Question 7: Have you seen any impact following the introduction of the new legislation either in society in general, or specifically to your business? If so, what has that been?

Question 4

3. Software standards in the EPOS/MPOS sector

Accepted Answer

The government’s preferred option for tackling ESS is to introduce standards for the EPOS and MPOS sector.

Software standards for EPOS/MPOS systems are a set of uniform rules, protocols, and compliance requirements that all EPOS and MPOS solutions must follow. These standards are designed to ensure that every system records sales and financial data accurately, securely and in a way that cannot be easily manipulated or tampered with.

By establishing clear expectations for how EPOS systems should operate, software standards help protect businesses, manufacturers, and consumers from the risks of ESS where sales records are altered to evade tax and help HMRC protect revenues due to the exchequer.

Understanding these standards, and the benefits they may bring, is important for all users of EPOS systems, but particularly for developers and suppliers of systems/software, as they will shape how EPOS/MPOS systems are built, certified, and used in the UK.

For businesses, these standards ensure accurate transaction recording and compliance, reducing errors and the risk of tax evasion. Manufacturers gain clear guidelines, making development more efficient and boosting competitiveness, while also opening doors to international markets. Agents and auditors benefit from reliable records, simplifying tax submissions and increasing confidence in business declarations. Consumers, meanwhile, enjoy greater transparency, fair pricing, and enhanced trust in retailers.

Ultimately, these changes foster a more secure, fair and trustworthy environment for all, ensuring everyone plays by the same rules and supporting the integrity of the marketplace.

Question 8: Do you agree with these benefits? Are there any other benefits that you feel would be created by the introduction of software standards?

Question 9: What do you feel would be the impact on competitiveness in the sector following the introduction of software standards?

Question 10: What burdens could this place on business?

Question 11: What are the most/least concerning burdens for you or your business?

Question 12: How could any additional costs or business burdens be minimised?

Other countries have either developed or are in the process of introducing similar measures, the government is also keen to hear views around how these measures have been implemented and their effect on ESS.

Question 13: Do you have knowledge or experience of working with standards in other jurisdictions, such as, but not limited to, Austria, Germany, or Norway?

The following sections will outline the specific measures being proposed to strengthen compliance and integrity across the sector.

Question 5

4. Proposed measures

Accepted Answer

The package of measures the government has identified potentially include:

requiring an unalterable and complete transaction log using the OECD Standard Audit File for Tax (SAF-T) data format, containing details of every individual transaction and adjustment that are together indelibly linked in an encrypted chain
establishing a register of systems of EPOS/MPOS systems sold, transferred, or used in the UK with a method of certifying that new EPOS/MPOS comply with the new standards
requiring mandatory information recording by the EPOS/MPOS system, for specific information to be included on receipts, reports produced by the device and mandatory receipting
new streamlined compliance checks and tools aimed specifically at the retail sector
a general requirement for the suppliers of EPOS/MPOS systems to protect the integrity of their systems to prevent ESS
further strengthening the government’s ESS legislation and development of new compliance techniques to ensure compliance with software standards while improving retail sector compliance

These measures are designed to work together to ensure compliance. Ideally these would be implemented via updates to existing systems rather than requiring replacement of current systems. It is likely that the measures would be introduced over time rather than all at once, to allow businesses and manufacturers time to ensure their systems meet the standard, though the process or timeline of implementation has not yet been decided.

These measures are laid out in more detail in the following sections and Annex B contains a summary of similar measures adopted internationally.

Standard Audit File for Tax

Standard Audit File for Tax (SAF-T) is an international data standard defined by the OECD. It sets out rules for electronic storage and exchange of reliable accounting data from organisations to a national tax authority or external auditors.

It was developed to facilitate the automated exchange of data, making it easier for tax authorities to audit businesses and ensuring that tax compliance is upheld.

Version 2 of the SAF-T was introduced in April 2010 (replacing the original 2005 version) and since then a growing number of countries have implemented it, with several making it an integral part of their certification regimes. The SAF-T standard is widely adopted internationally, however there are other lesser used standards such as the audit standard ISO 21378:2019, produced by the International Organization for Standardization (ISO).

The original purpose of SAF-T was to establish a unified format for financial records, making tax audits more efficient by enabling greater automation and reducing costs for both tax authorities and businesses. Over time, its application has broadened, with more tax administrations now using SAF-T to facilitate the automatic filing of tax returns. By harmonising data standards and aligning them closely with accounting records, SAF-T helps ease compliance for businesses and enhances the ability of tax authorities to verify information. This is especially beneficial when SAF-T data can be seamlessly integrated with other digital sources, supporting more comprehensive comparisons and checks.

The proposal would be for all EPOS/MPOS systems used in the UK to store their sales records in this format. The SAF-T format has a number of advantages for businesses, their tax agents and the tax authority: it brings improved accuracy which reduces financial reporting errors; speeds up audits through having a standardised record; enhances financial clarity and discourages fraud; reduces agent costs; cuts paperwork and costs for businesses through greater automation.

Question 14: Would having a standardised format benefit businesses in the UK?

Question 15: Would requiring a data standard for EPOS/MPOS systems, aligned with other countries, reduce complexity for manufacturers?

Question 16: What are the are the wider issues related to the introduction of the SAF-T standard for EPOS/MPOS systems?

Individual transaction recording and encryption

HMRC recommends that businesses keep records of every transaction that takes place, however this is only guidance for the smallest of businesses. Where businesses are registered for VAT, this is already a requirement. Many businesses will keep end of the day ‘z reads’, but these can be incomplete which can lead to errors in reporting.

The government proposes that all businesses would be required to retain a complete encrypted audit trail of every individual sale processed by the EPOS/MPOS system. This would apply for all transactions, regardless of the means of payment.

Encryption of these records is necessary to prevent tampering following the completion of a transaction. If the audit trail within the system is unalterable, then it increases confidence in the integrity and evidential value of the record.

Ensuring that all EPOS/MPOS systems automatically create and protect records prevents problems such as missing sales data or till rolls, which can inhibit reviews of business audit trails.

Question 17: What do you see as the key benefits in having an indelible encrypted record of sales contained on EPOS/MPOS devices?

Question 18: What are the barriers to introducing encryption or other security features either on existing or new EPOS/MPOS systems?

Transaction chaining

Chaining of receipt data is where receipts are digitally signed and encrypted and then linked to the previous receipt in the transaction log, thus forming an indelible encrypted chain which functions as the audit trail. This could be considered a form of closed system transaction blockchain.

This process removes the possibility of tampering with records as any change in previous receipts invalidates the chain. Various details of the transaction can be recorded, including the cash register ID, receipt number, time, product description, gross amount, and signature/chaining values.

The record of a transaction can either be generated, encrypted and included in the chain at the start or end of a transaction depending on if a Tax Authority wishes for all aborted or cancelled transactions to be included in the records.

When combined with technical standards which define the information that is required to be kept on the receipt, it allows the development of tools to quickly check the validity of a receipt by reference to the transaction chain.

Question 19: What are the key benefits and risks to businesses of an EPOS/MPOS system which connects each individual transaction to the previous and the next?

Question 20: At which point do you think the transaction log should be protected, at creation (so all voids, cancelled sales or voided sales are included), or completion (so only finalised transactions are included)?

Question 21: What barriers would you face to the introduction of a form of encrypted transaction chaining, based on a form of closed loop blockchain?

Registration and certification of EPOS/MPOS systems

There are currently no minimum standards for POS systems and HMRC’s operational activity has highlighted how easy it can be to manipulate these systems to remove sales from their audit trail. The government believes that by requiring all EPOS systems to be registered with HMRC or to have a form of certification (that it is compliant with certain standards and is protected against tampering by ESS tools) would restrict the supply of non-compliant systems, making it harder to conduct ESS. This is done in Norway where the tax authority certifies EPOS systems and publishes the list of compliant and certified system on the government’s website. The 2018 Call for Evidence responses suggested that the EPOS industry would welcome this approach.

There are 3 options for how this system could be operated:

manufacturer’s software certification
supplier registration
user registration

Manufacturer certification of systems would mean manufacturers would have to confirm to HMRC that the system is protected against tampering from ESS tools and contains certain stipulated features (like blockchain receipts, encryption, and SAF-T).

Systems without certification or that do not meet certain standards would not be permitted to be sold in the UK, thereby cutting off the supply of systems which enable ESS. This could include resale of old systems. The government believes that those businesses that are determined to obtain a non-certified system would find it more difficult. However, taking such action could increase the environmental impact as legacy non-compliant systems would no longer have any use or market.

An alternative to a system of manufacturer certification could be a supplier registration system which could require whoever sells a system to a user to register that system as a condition of sale, to reduce the possibility of users choosing not to register systems as a method of avoiding scrutiny.

User Registration is the final option where on purchase or transfer of a system, the new owner is required to register the system. Those who do not register their system, or users of non-compliant systems would then be visible through targeted compliance activity.

The various registration and certification options are not mutually exclusive and could be introduced in combination.

Question 22: Who do you think should make the decision on if an EPOS system meets requirements? Should manufacturers be able to self-certify their own systems?

Question 23: Are there any reasons why a register of certified systems may not be feasible in the UK?

Question 24: Who do you feel should be responsible for registering an EPOS system?

EPOS reports and receipt data

The government is considering stipulating that EPOS/MPOS systems must produce reports which provide reliable information from the encrypted audit trail. The most common implementation method in other countries is via QR codes on till reports which can be scanned to check the integrity of the records and the associated cryptographic and encryption protections. In several countries where receipt data is regulated, this is often accompanied by some form of mandatory receipting which will also be considered as part of the package of measures proposed in this consultation.

Some countries have developed systems to use QR code reports to carry out routine business checks. The QR code is scanned and allows the compliance officer to quickly check the integrity of the audit trail and certain required values. This allows the tax authority to be more efficient in its compliance activity as these checks can be carried out much quicker than traditional compliance checks which encourages more interventions earlier in the customer journey improving compliance and cost effectiveness.

Question 25: What are the potential benefits and risks and challenges of introducing mandatory data on receipts or other reports to enable checks on the validity of transaction records?

Question 26: What are your views on mandating the issuance of receipts for all transactions and how would this change if a minimum limit was applied, for example only requiring receipts for transactions above £35?

Mandatory use of EPOS/MPOS systems to record all sales in sectors at high risk of ESS

ESS is most prevalent in small retailer, takeaway, and hospitality sectors. The government is considering mandating that businesses that operate in sectors most exposed to ESS are required to use a compliant EPOS/MPOS system to record all of their sales.

The standards proposed in this consultation, particularly encryption, chaining and standardisation of data formats, create an environment where transactions are protected by default and are available for analysis by the business, HMRC and external business auditors.

Question 27: What are your thoughts on mandating that appropriate businesses record all sales using an EPOS/ECR system?

New compliance checks and tools

In 2025, HMRC commissioned research on small businesses’ experience of compliance checks. A strong theme from that report was that these businesses wanted more routine checks and proactive engagement from HMRC to help businesses identify errors early and avoid lengthy and detailed enquiries.

As technology is improving there is scope to adapt HMRC’s compliance check process for retail businesses, to reflect this feedback. When receipts and report outputs are standardised with certain specified information derived from the encrypted audit trail, it can speed up and streamline the compliance check process. Other jurisdictions which have done this require that the report produced by the EPOS/MPOS device can produce a QR code which can be scanned by the compliance officer which checks the integrity of the encryption and cryptographic chaining, as well as providing certain summary or periodic values.

Austria stipulates that all EPOS systems and ECRs must create and store a digital signature for each transaction. This signature is included in the QR code displayed on all receipts and can be scanned to verifying the transaction has the digital signature and the receipt’s data hasn’t been altered.

This QR code could potentially be scanned by both the Tax Authority and by consumers themselves. This allows consumers to digitally verify their own cash or card transactions, fostering trust and transparency in the sale.

The till report QR codes could also allow for ‘quick checks’ whereby an HMRC officer attends unannounced, requests a till report, scans the QR code to check the integrity of the system, verifying summary values on the report and, if complete and correct, then the officer leaves and closes the check. This could be done within 30 minutes, whereas some traditional compliance investigations can take many months or years to come to a conclusion.

This approach of lower intensity checks and visits will ensure a wider compliance coverage in the retail sector, allowing HMRC to focus its traditional enquiries into those businesses which are more likely to be evading.

Question 28: What are your views on HMRC conducting light-touch compliance checks to verify EPOS system compliance?

Manufacturer/supplier penalties

In the 2018 Call for Evidence, leading manufacturers and suppliers of EPOS welcomed the idea of regulatory changes as they believed ESS development and promotion was, by and large, done by less reputable providers and re-suppliers. In combination with the measures above which strengthen regulation in the sector through potential registration of systems and defining what information must be recorded and stored, the government proposes to introduce penalties for those manufacturers who fail to adequately protect their systems from being used for ESS.

Developing and implementing penalties on manufacturers/suppliers of EPOS systems which do not meet the required standards, sets a clear expectation that industry is responsible for these systems. As a result, less reputable providers or those who seek to modify compliant systems to facilitate ESS will face a realistic consequence for continuing to supply systems capable of carrying out ESS.

HMRC would work alongside industry to ensure that where vulnerabilities are identified, and where the manufacturer has made HMRC aware of it and puts measures in place to mitigate, sanctions can be avoided. This is intended to promote ongoing industry cooperation and wider sectoral compliance.

This measure would create a robust anti-ESS culture in the market where security of the systems and compliance with regulations are adhered to by the EPOS industry, under threat of penalties if they fail to protect the integrity of their systems. This reduction in access means only the most determined evaders would be using non-compliant systems.

Question 29: What do you think of placing an obligation on EPOS/MPOS manufacturers/suppliers to protect the integrity of their systems?

Question 30: Do you think that an associated penalty for failing to protect the integrity of the system would encourage early voluntary compliance?

Question 31: Are there any specific factors that would facilitate or hinder the introduction and use of software standards in the UK?

Question 32: What do you feel would be essential in the approach the government takes when introducing software standards that would reduce the impact on EPOS users, developers, and manufacturers?

Conclusion

The measures laid out in the sections above aim to make it harder for those who seek to carry out ESS by regulating the data recorded and held by EPOS/MPOS systems and making it easier for HMRC to investigate those businesses who seek to evade and provide reassurance for those following the rules.

The government’s view is that the work to ensure that systems comply with the regulations will be carried out by manufacturers, minimising the impact on businesses. The average high street business will see very little change to their day-to-day operations as the features listed above such as encryption and transaction chaining will largely occur automatically with little to no input from the user.

The preferred solution would ideally be one which can be delivered through updating existing systems rather than replacement to minimise both the financial and environmental cost. The results of this consultation will be used to determine the way forward as well as conversations with stakeholder and industry groups.

These proposals form a comprehensive package of measures which the government believes will be an effective tool in dealing with the problem that ESS poses, without placing undue burden on businesses and users of EPOS systems.

Question 6

5. Summary of consultation questions

Accepted Answer