CCM3028 - Warning about Accessing HMRC systems

In Organised attack work, there are circumstances where caseworkers need to review some HMRC systems, for further evidence, to help make decisions.

These can be cases of hijacked identity, or cases with risks of collusion and circularity.

However, there is a risk that staff in non Organised Attack compliance areas may undertake such research without the relevant authorisation and by doing so, will contravene the Data Protection Act, the General Data Protection Regulation, and the Computer Misuse Act.

All caseworkers must take care that use of HMRC systems must only occur if there is a genuine business need, with reasonable grounds for the access.

In all cases:

  • an audit trail must be kept
  • the retention policy must be followed
  • cases must be dealt with on merit and checks must not be done as routine
  • the use complies with HMRC’s Acceptable Use Policy.

Note: If your area does not hold an audit spreadsheet, specifically for the recording of searches linked to Organised Attack intelligence reports, then you are NOT working in an organised attack area and MUST adhere to the following points.

For all cases where there is a suspicion of Organised Attack, Hijacked Identity or Collusion or Circularity:

If you are NOT working in an Organised Attack compliance area

  • do not try to confirm your suspicions by conducting any traces through HMRC systems
  • if necessary discuss the case with your manager or embedding compliance officer
  • send a referral to the Organised Attack area through the BCCRS referral system on SEES.
    For how to do this follow the guidance on the B&C Compliance Referral System (BCCRS) Excel SEES Form User Guide

The Organised Attack intelligence teams will then pick these up and carry out the appropriate research.

(This content has been withheld because of exemptions in the Freedom of Information Act 2000)

  • (This content has been withheld because of exemptions in the Freedom of Information Act 2000)
  • (This content has been withheld because of exemptions in the Freedom of Information Act 2000)
  • (This content has been withheld because of exemptions in the Freedom of Information Act 2000)
  • (This content has been withheld because of exemptions in the Freedom of Information Act 2000)

(This content has been withheld because of exemptions in the Freedom of Information Act 2000)

(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)

(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)

(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)
(This content has been withheld because of exemptions in the Freedom of Information Act 2000)