Policy paper

Strengthening standards for software that integrates with HMRC

Published 26 March 2026

Executive summary

As set out in HMRC’s Transformation Roadmap and strategic approach to third-party software there are clear benefits for HMRC, software providers and customers in a thriving, innovative software market that makes it simpler for customers to meet their obligations, offers fair competition between providers, and supports a healthy, effective tax and customs system.

HMRC already sets standards for some software that integrates with its systems. As reliance on third-party software increases, there is a clear opportunity to strengthen standards and apply them more consistently across the market. Doing so will reinforce the good practice seen across most software providers, protect the integrity of the tax and customs system and support fair competition by creating a more level playing field.

This plan has been shaped through broad, early engagement with software providers and other stakeholders, including the Business Application Software Developers Association (BASDA), Confederation of British Industry (CBI) and Chartered Institute of Taxation (CIOT), and sets out the proposed direction for strengthening software standards. It does not introduce new enforceable requirements at this stage, but HMRC is exploring how the standards, once strengthened, will be upheld. This document explains the themes where standards will be strengthened collaboratively over time, supported by clearer governance and engagement with software providers and stakeholders.

1. Introduction

HMRC recognises the important role that intermediaries, including software providers, play in supporting taxpayers to meet their tax and customs obligations. In 2024 to 2025, approximately 90% of returns were submitted via third-party software, and reliance on software is expected to increase as HMRC continues to become a digital-first organisation.

As set out in HMRC’s Transformation Roadmap and strategic approach to third-party software strengthening software standards forms part of HMRC’s wider approach to supporting the tax and customs system. This approach recognises that software operates alongside the advice and services provided by tax advisers and other intermediaries and must align with HMRC’s wider intermediary approach.

This document sets out the strategic direction and expectations for strengthening software standards, and how this work aligns with existing requirements, including the HMRC Developer Hub Terms of Use and wider commitments in the Transformation Roadmap such as software registration.

HMRC is publishing this plan to:

• signal the future policy direction on third-party software standards, in partnership with stakeholders
• set out the intended outcomes for customers, software providers and the wider tax and customs system
• outline planned work and indicative timelines for developing strengthened software standards

This plan does not replace existing legal obligations, technical specifications, the HMRC Developer Hub Terms of Use, or other guidance contained in HMRC’s Developer Hub.

1.1. Who will be in scope of standards

Once developed, the strengthened standards will apply to all third-party software providers whose products integrate with HMRC’s Application Programming Interface (API) based available services. This includes any external application, product or platform that connects to HMRC systems for the purpose of submitting, retrieving or exchanging information.

HMRC currently supports 2 integration mechanisms for software providers, depending on the API used:

• JSON RESTful APIs, provided through the HMRC Developer Hub
• XML APIs, maintained for specific services where XML remains the only supported integration method

Software that does not integrate with HMRC systems using these APIs is out of scope for these standards. HMRC will keep the scope under review to ensure strengthened standards remain appropriate as the market evolves, including if integration mechanisms change over time.

1.2. What success will look like

HMRC already sets standards for certain third-party software that integrates with its systems. As reliance on third-party software increases, strengthening and applying these standards more consistently across the market presents an opportunity to further enhance HMRC’s ability to prevent harm, promote best practice and respond consistently to emerging risks.

Over time, strengthened standards will support clearer outcomes across the system:

• for HMRC, increased confidence that software providers and products support compliance by design and reduced reliance on reactive intervention
• for software providers, clearer and more consistent expectations, and fair treatment across the market
• for software users, improved quality, stronger protections and reduced risk of error

This plan is designed to provide early clarity, support engagement with software providers and stakeholders, and establish a shared understanding of how software standards will be developed collaboratively over time. This document does not limit HMRC’s ability to act proportionately to prevent harm to the tax and customs system. Where necessary, HMRC may clarify or apply expectations for software providers ahead of longer‑term standards development described in this plan.

2. Software standards: current expectations and future direction

This section summarises existing expectations for third-party software that integrates with HMRC systems, the themes that will shape future strengthened standards and the way HMRC intends to structure and apply those standards over time.

2.1. Current software standards and existing requirements

HMRC already sets standards for certain third-party software that integrates with its systems. For example, software providers that integrate through the HMRC Developer Hub must comply with the Developer Hub Terms of Use. The Terms of Use sets out requirements covering the following areas:

• service management
• fraud prevention obligations
• marketing
• data handling
• customer authorisation obligations
• development practices
• software security obligations

HMRC has also published expectations for software providers that use generative AI. Where generative AI augments software products HMRC expects it to:

• be transparent
• embed human oversight and control
• be ethically sound
• have robust data security and privacy measures in place
• align with legislation and case law, take account of HMRC guidance and only use reliable source data

Existing requirements remain the foundation for software that integrates with HMRC systems. Strengthened standards will build on this baseline, bringing expectations together more consistently across services, and covering areas not currently addressed, while avoiding unnecessary duplication. Existing regime specific requirements, legal obligations and contractual arrangements, such as those in customs, will continue to take precedence.

2.2. Future direction: themes shaping strengthened standards

HMRC, working with industry, has identified 5 themes that will shape the future development of software standards. These themes reflect where HMRC sees increasing reliance on third-party software, clear opportunities to improve customer outcomes and areas where strengthened standards can best protect the integrity of the tax and customs system.

The themes below signal the direction of travel that HMRC will develop further with industry. They are not exhaustive or finalised and serve to indicate where expectations will be strengthened over time.

The themes are intended to guide discussion and engagement. They will be refined through co-design with industry to ensure the final standards are clear, proportionate and deliverable across a diverse software market.

2.2.1. Product integrity

Future standards will place greater emphasis on pre-deployment assurance, including ensuring that software which performs tax or customs calculations is demonstrably accurate. The areas this theme will explore include:

• testing against current legislation and customer specific inputs
• reducing the risk of incorrect outputs that could lead to non‑compliance, penalties or customer harm
• designing and testing to support operational resilience, including appropriate redundancy and fallback arrangements

This reflects HMRC’s commitment to deliver high quality, resilient and reliable products that prevent avoidable errors at source, rather than relying on downstream correction after inaccuracies have affected customers. It recognises that accuracy depends on user inputs, as well as software products that are designed to support accurate and timely calculations and submissions.

2.2.2. Supporting correct outcomes

Future standards will actively support compliant behaviour and reduce user error, particularly in areas of complexity, frequent legislative change or higher compliance risk. The areas this theme will explore include:

• in product prompts, such as HMRC Assist submission feedback or warnings, that guide users at the point of data entry
• alignment with HMRC data driven insights, legislation and case law
• design approaches that reduce cognitive burden and misinterpretation

This reflects HMRC’s commitment to support seamless tax and customs administration and focuses on how software influences real-world behaviour and compliance outcomes, not solely on how it transmits data to HMRC systems. It also links to HMRC’s commitment to improve customer journeys by providing targeted support.

2.2.3. Data accountability

Future standards will support effective compliance activity through improved data availability and traceability. The areas this theme will explore include:

• retention of appropriate transactional level data in line with legal and HMRC defined requirements
• the ability to provide HMRC with access to relevant data where required for audit or compliance purposes
• maintenance of clear audit trails of user actions and system events

This reflects HMRC’s commitment to reflect diverse user needs and supports HMRC’s ability to investigate both errors and deliberate noncompliance in an increasingly digital environment.

2.2.4. Error management

Future standards will encourage earlier identification and resolution of tax or customs related errors within software products. The areas this theme will explore include:

• mechanisms for detecting errors that affect compliance outcomes
• timely reporting of significant issues to HMRC, including system outages or service issues
• promptly remediating errors to minimise customer harm and reduce the tax gap

This reflects HMRC’s commitment to responding effectively to technological change and customer need. It focusses on error reduction and shared responsibility across the tax ecosystem.

2.2.5. Misuse and fraud prevention

Future standards will address risks associated with software being used to enable or scale non-compliant behaviour. The areas this theme will explore include:

• identifying misuse
• design features that reduce opportunities for large‑scale abuse
• supporting HMRC’s wider efforts to tackle organised and persistent non-compliance

This reflects HMRC’s commitment to operating through strong collaboration and mutual trust. It focuses on scalable risks, that arise from how software is designed and used, which HMRC will work with the software industry to address.

2.3 Relationship between software provider and software product standards

HMRC’s approach recognises that effective oversight requires clarity on both how software products behave when interacting with HMRC systems and the responsibilities of the providers that design, operate and maintain them.

Provider level standards will focus on organisational and operational responsibilities and will support HMRC’s ability to understand who is operating in the market and engage proportionately where concerns arise. Product level standards will focus on how individual products interact with HMRC systems and support customers to meet their obligations, with a core set of standards applied across products and additional regime-specific expectations where needed. Together, these standards will provide a more coherent approach to oversight.

3. How strengthened software standards will be governed and upheld

Alongside strengthening standards, HMRC will define a clear and workable approach to how strengthened standards are governed and upheld. This will set out HMRC’s role in applying standards consistently and proportionately.

3.1. What you can expect from HMRC

As expectations of software providers evolve, HMRC recognises the importance of being clear and consistent in its own approach. HMRC will communicate its own standards and behaviours in relation to software that integrates with HMRC systems, including how expectations are set, communicated and applied.

This includes providing greater transparency about how standards relate to existing requirements, communicating changes clearly and in a timely way, and strengthening alignment across teams involved in software standards, registration and oversight, to support more coherent decision making.

HMRC also recognises that strengthened standards must be supported by clear and reliable HMRC systems, processes and communications. As set out in HMRC’s strategic approach to third-party software, alongside these software standards we will also seek to clarify and codify the standards that providers can expect from HMRC, supporting shared accountability across the system.

3.2. HMRC’s approach to upholding software standards

Strengthened software standards will be upheld in a way that is proportionate, risk based and aligned with HMRC’s wider approach to intermediaries. This will build on existing controls. For example, software providers that integrate with HMRC through the Developer Hub are required to comply with the Developer Hub Terms of Use, and HMRC may deny, suspend or remove access where those terms are breached.

This approach will be supported by risk-based oversight that reflects the scale and potential impact of harm to the tax and customs system. It will align with wider work on software provider registration to support understanding of who is operating in the market and enable proportionate engagement and response where concerns arise, in line with HMRC’s approach to addressing intermediary harm.

Consideration of how standards will be upheld in practice will be embedded in the design and implementation of software standards. HMRC retains the authority for setting and upholding standards, including determining how they evolve over time as the software landscape changes.

3.3. Role of senior leaders within software providers

Senior leaders within a software provider play an important role in ensuring that products and related activities comply with HMRC’s standards. This includes establishing clear internal ownership and maintaining appropriate senior oversight of decisions that could affect how software interacts with HMRC systems or supports customers in meeting their obligations.

HMRC will explore, with stakeholders, whether strengthened standards should include clearer expectations for senior leaders on management and oversight. Any such expectations would be developed carefully, informed by engagement, and aligned with HMRC’s wider, proportionate approach to intermediaries.

4. HMRC’s engagement and co-development approach on software standards

HMRC recognises the essential value of close engagement with software providers, representative bodies and other stakeholders.

HMRC will take a collaborative approach to developing strengthened software standards. Engagement will be used to test emerging proposals, understand impacts, and refine approaches before standards are finalised or introduced.

This will include targeted use of existing engagement forums, such as the Strategic Software Forum, and working groups as appropriate. This approach supports transparency, champions our commitment to ‘working in the open’, improves quality, and encourages early alignment with HMRC’s direction.

4.1. Principles of engagement

HMRC will take a structured and proportionate approach to engagement, ensuring that input is considered alongside evidence of impact, representativeness and applicability across the software market. HMRC values input from stakeholders, but the amount or frequency of engagement does not affect how views are considered. Engagement and co-development will not replace HMRC’s responsibility to set, finalise and apply standards that support the tax and customs system.

4.2. High-level timelines and milestones

To support transparency and planning, HMRC is setting out an indicative view of the expected sequencing of activity to strengthen software standards. These timelines provide a high‑level direction of travel rather than fixed commitments and may evolve in response to engagement feedback, policy priorities or operational considerations.

At a high level, HMRC’s current expectations are as follows:

• March 2026 — Publication of HMRC’s plan for strengthening software standards
• April to Autumn 2026 — Co‑development and engagement with stakeholders to draft detailed standards, including at the BASDA Summit in April.
• Autumn 2026 to early 2027 — Testing with software providers to assess deliverability, impact and proportionality of standards, and to inform decisions on implementation and transition
• Mid to late 2027 — Evaluation, refinement and alignment with the Terms of Use and registration processes, including confirmation of transition period

In developing and sequencing this work, HMRC will consider proportionality, deliverability and impacts across a diverse software market, including the needs of smaller providers.

4.3. Testing emerging software standards

Before finalising the strengthened standards, HMRC will test proposed approaches in practice to ensure they are effective, proportionate and deliverable. In some areas, this will involve working more closely with a smaller group of software providers to test emerging standards or implementation models at an early stage, with wider engagement used to inform and validate findings.

Participation will not create additional obligations for other software providers, nor grant preferential treatment. Evidence and insights from testing will inform HMRC’s decisions on the final software standards.

Where strengthened standards are introduced, HMRC will provide a clear transition period to support early alignment, minimise disruption and ensure standards are deliverable in practice across a diverse software market.