BKM507400 - HMRC operation of the Code: business risk review

The annual or triennial risk review carried out as part of the BRR+ process enables teams to establish a good understanding of the tax risk profile in a particular business. For a bank this process requires the team to consider what evidence HMRC has that the bank:

• has been open and transparent in its dealings with HMRC;
• has appropriate governance arrangements to ensure that all parts of the bank are complying with its commitments under the Code and that these arrangements are applied in practice; and
• does not undertake tax planning that aims to achieve a tax result that is contrary to the intentions of Parliament.

The CCM team does this by reviewing information from a range of sources including information HMRC already holds in respect of a business from pre- or post-transactions’ discussions and information held in the public domain. CCM teams will address gaps in knowledge through direct engagement with the customer, for example by requesting a demonstration of the governance process a particular transaction went through.

The examples at BKM507550, BKM507600 and BKM507650 provide suggestions of what ‘good’ looks like for each of the commitments and what may cause the CCM to be concerned that a bank is not meeting its Code commitments. HMRC would have concerns where a bank fell into any one of the examples of non-Code compliant behaviour.

The CCM team will use the information gathered during the review and in any follow up engagement with the customer to make a judgement on whether the bank is fully complying with its Code commitments. If they are satisfied that it is, the CCM will advise the bank accordingly at the BRR.

If the CCM has any concern that a bank is not meeting its Code obligations, they will discuss this with the business in line with the Governance Protocol.