HMRC's criminal investigation powers and safeguards

Updated 13 July 2021

The majority of people in the UK pay the tax that is due and claim only the credits they’re entitled to. However, there is a small minority who are determined not to pay or who set out to defraud the tax and credit system. At its most extreme this fraudulent behaviour can amount to organised criminal gangs making sophisticated attacks on the tax and benefits system.

HMRC is responsible for investigating all attacks against the UK tax system and our other functions and aims to secure the highest level of compliance with the laws and regulations. HMRC has a wide range of civil and criminal powers, tools and interventions. Criminal investigation, with a view to prosecution, is an important part of our overall compliance strategy.

HMRC’s criminal investigation policy explains how we will identify and conduct a criminal investigation.

HMRC is not responsible for deciding if a case will be criminally prosecuted. This decision is made by an independent prosecuting authority following a criminal investigation by HMRC. The independent prosecutors are:

1. HMRC’s criminal investigation powers

HMRC has similar criminal investigation powers to other UK law enforcement agencies, but the use of these powers is limited to HMRC-related offences. For example, fraudulent evasion of tax.

HMRC has powers to:

  • apply for orders requiring information to be produced - production orders
  • apply for and execute search warrants
  • make arrests
  • search suspects and premises following arrest
  • recover criminal assets through the Proceeds of Crime Act 2002

As a national department HMRC operates within all 3 UK judicial systems and specific powers are appropriate to each jurisdiction.

England and Wales

Our criminal investigation powers are made available to HMRC through the Police and Criminal Evidence Act 1984 (PACE).

Northern Ireland

Our criminal investigation powers are made available through the Police and Criminal Evidence (Northern Ireland) Order 1989 (PACE (NI)).

PACE and PACE (NI) modifications

Some of the powers in PACE and PACE (NI) are modified for HMRC. For example, a search warrant may allow HMRC to search people found on the premises without the need for arrest. This allows, for example, HMRC to search a bookkeeper who may have evidence in a briefcase or laptop when a company’s premises are searched but who is not, in their own right, considered a suspect.

Not all the powers in PACE and PACE (NI) are made available to HMRC. For example, HMRC cannot take fingerprints, or charge or bail suspects. These have to be done by the police.


Officers have powers to seek production orders and search warrants as detailed in the Criminal Law (Consolidation) (Scotland) Act 1995 and the Criminal Procedure (Scotland) Act 1995.

Officers’ arrest powers are detailed in the Criminal Justice (Scotland) Act 2016 (consequential provisions) Order 2018 (known as CJSA) which affords suspects their rights and safeguards.

HMRC’s use of PACE, PACE (NI) and CJSA

HMRC uses PACE, PACE (NI) and CJSA as they provide powers that are designed for use by law enforcement agencies. It means that tax crime is tackled in the same way as other crime, which supports the government’s priority to tackle fraud and crime.

PACE, PACE (NI) and CJSA provide that some powers can only be used by police constables of a particular rank. These powers can only be used by an HMRC officer with the equivalent rank to the stated police officer rank:

  • Sergeant = Officer
  • Inspector = Higher Officer
  • Chief Inspector = Higher Officer
  • Superintendent = Senior Officer

Communication data powers

For cases of serious crime, HMRC can apply to use the intrusive surveillance powers in the Investigatory Powers Act 2016 (IPA), the Regulation of Investigatory Powers Act 2000 (RIPA) and the Police Act 1997. The most significant powers are:

  • the interception of communications
  • intrusive surveillance
  • property interference

These powers are very effective in the fight against serious and organised crime. However, due to their intrusive nature, any requests must be justified and also satisfy the principles of necessity and proportionality derived from the European Convention on Human Rights (ECHR) and embedded in RIPA 2000.

They can be used only when investigating serious crime. The interception of communications has to be approved personally by the Home Secretary and a Judicial Commissioner.

UK cross-border investigations

Cross-border powers contained in the Finance Act 2007 only apply to UK borders and not EU or international borders. These powers take account of the 3 judicial systems in the UK that have significant differences between them, but HMRC’s criminal investigation powers can be exercised in all parts of the UK. For example, a search warrant issued by a court in Scotland can be exercised in England if it is endorsed by an English court, and vice versa.

It may be possible to prosecute an offence in more than one part of the UK. The prosecuting authorities have a system in place to determine in which UK country the offence is prosecuted. This is available through the Crown Prosecution Service website.

Internationally, the UK government has a number of mutual legal assistance agreements with other countries. These allow HMRC to ask for evidence to support our investigations to be gathered in another country where required. Other countries may make similar requests of HMRC.

1.1 Who in HMRC can use criminal powers

Only 2 directorates in HMRC have ‘authorised officers’, who are able to use criminal investigation powers:

  • Fraud Investigation Service (FIS)
  • Risk and Intelligence Service (RIS)

An authorised officer must be appropriately trained and engaged on operational duties that require criminal investigation powers. Not all officers in FIS or RIS are authorised officers. Officers are not authorised to undertake actions for which they are not trained.

1.1.1 Power of arrest

HMRC has specific powers of arrest for HMRC offences and these cannot be used for non-HMRC offences, for example, robbery. Arrests are made only by officers who have been trained and authorised to use the power. At any time HMRC has approximately 1,500 officers with the power of arrest.

1.1.2 Division of civil and criminal powers

When conducting a criminal investigation officers will use their criminal investigation powers to gather evidence to support a future prosecution. Conversely, civil powers are used when seeking to make a civil assessment of tax owed, collect that tax, or levy civil penalties.

It is possible for someone to be under criminal investigation and also subject to civil processes to assess and collect tax at the same time. Officers will use criminal powers to advance the criminal investigation and collect evidence to support a prosecution, and civil powers to gather material to inform the assessment and collection of tax or levying of civil penalties. Internal procedures ensure that the appropriate power is used for the right purpose and that civil powers are not misused to gather evidence to prove a criminal charge.

1.2 Training and support given to HMRC officers who use criminal powers

An officer must be properly trained before they can be authorised to use criminal investigation powers, and training must be kept up to date.

Training covers the powers and HMRC policy and procedures. The broad range of subjects covered include:

  • legislation powers for the 3 jurisdictions
  • entry, search and seizure powers
  • power of arrest
  • cautioning and interviews
  • the law of evidence
  • personal safety and the use of handcuffs
  • responsibilities for disclosure under the Criminal Procedures and Investigation Act 1996

Comprehensive operating procedures are provided in internal guidance. Investigators can also ask for advice from HMRC criminal lawyers. An HMRC lawyer will be assigned to work on the larger criminal investigations. Investigators and HMRC lawyers will consult with the prosecuting authorities at an early stage on major prosecutions.

2. Governance and oversight

HMRC has specific policy owners that have oversight of the criminal legislation and powers that HMRC uses. In addition, HMRC lawyers assist with technical support. The application of the powers is subject to review by managers and assurance teams that are independent from operational units. This ensures compliance with the safeguards that are built into the legislation and associated codes of practice. In addition HMRC is subject to oversight from external inspectors (see section 2.3).

2.1 Authority levels

An authorised officer must get the approval of a higher grade officer before using certain powers. The authority levels for HMRC are set no lower than the authority levels of the police and, due to the nature of our working practices, in most cases are higher than the police equivalent.

For example, HMRC has set the authority level at a minimum of Senior Officer grade for approving applications for production orders or search warrants. The equivalent authority in the police service is at a grade lower, the equivalent to HMRC’s Higher Officer grade (see section 1).

2.2 Oversight of communication data powers

The use of these powers is subject to strict safeguards and overseen by the independent Investigatory Powers Commissioner’s Office (IPCO). The most intrusive surveillance requires prior approval of IPCO. The role of IPCO includes inspecting and reviewing all cases where communication data has been acquired to ensure integrity in the process. IPCO may also revoke any authorisation.

Within HMRC criminal investigation teams, the use of these powers has to be approved at the highest levels and only appropriately trained members of the FIS senior management team can approve or reject applications for the use of these powers.

Like all other aspects of HMRC’s work, criminal investigation is subject to review by HMRC’s Internal Audit directorate.

2.3 External safeguards on the use of HMRC’s criminal investigation powers

There are a range of statutory and non-statutory safeguards (including national codes of practice) applying to HMRC’s use of its criminal investigation powers.

Many of the investigatory powers require external independent approval before they can be used. The person granting approval has to be satisfied that relevant conditions are met. For example:

  • production orders and search warrants have to be issued by a magistrate or judge
  • the use of intrusive surveillance powers is subject to external approval at the highest level
  • HMRC is not responsible for prosecuting the crimes it investigates. The decision whether or not to prosecute is taken by the relevant independent prosecuting authority

External oversight is conducted by:

HMRC is subject to audits by the National Audit Office and scrutiny from Parliament through the Treasury Select Committee and Public Accounts Committee. Additionally, complaints can be submitted to the Ombudsman and the Adjudicator.

3. Personal information charter

HMRC knows how important it is to protect customers’ privacy and to comply with the Data Protection Act 2018. As such, we will not give your information to anyone, including government departments and their agencies, local authorities, the police or any other public or private sector bodies, unless we have lawful authority to do so.

The Personal information charter sets out the standards that you can expect from HMRC when we request or hold information about you during your dealings with us, so that we can provide better services for you. It also sets out how you can help us make sure the information we hold about you is accurate.

You can read more about what you can expect from us and what we expect from you in Your Charter.

4. ‘Open source’ material

HMRC may observe, monitor, record and retain internet data that is available to everyone. This is known as ‘open source’ material and includes:

  • news reports
  • internet sites
  • Companies House and Land Registry records
  • blogs and social networking sites where no privacy settings have been applied

Read more about how HMRC keeps your information safe and confidential in the Personal information charter.