Beta This part of GOV.UK is being rebuilt – find out what beta means

HMRC internal manual

COTAX Manual

Background: Allocation of COTAX and CT Online user roles: Role Authoriser duties

Authorising requests

As the Role Authoriser, you are responsible for authorising (Word 465KB) applications through the Service Request System (SRS) for a COTAX or CT Online Services role.

SRS sends you an automatically generated email to tell you there is a new user role request.

You must only authorise requests for COTAX and CT Online Services roles where:

  • the request relates to an MUID for which you are responsible
  • you are satisfied that the member of staff needs the role to perform their current allocated duties and those duties are appropriate to their grade.

You cannot refine a user role to prevent access to any specific functions within that role. If you authorise a request for a role, that user will have access to all of the functions relating to the role. See COM250 for details of the functions within each user role.

Certain roles cannot be allocated with other roles. For example, the same user cannot have both Clerical Caseworker and Technical Caseworker. See COM253 for details.

You must record the allocation of the authorised user role or roles in the Authorised User Registered File. See COM31040 for details.

As Role Authoriser you must not use SRS to request and then authorise a COTAX role or a CT Online Services role for your MUID for any member of staff you manage. If you have staff that require access to COTAX and CT Online Services, you may need to appoint a delegate in SRS to request roles on your behalf if you do not have a deputy Role Authoriser to authorise your request for you.

You are responsible to the senior responsible officer for ensuring:

  • the effective and proper use of COTAX and CT Online services for your MUID
  • the maintenance of appropriate levels of security for your MUID.

See COM31050 for more information.

Top of page

Reviewing user roles

As the Role Authoriser, you must carry out a yearly review of all users who hold a COTAX and/or CT Online role in the MUID or MUIDs for which you have responsibility. CTIS (CT, International and Stamps) provides lists of COTAX users for each Role Authoriser. The lists show details of users for each MUID at the start of the review period. The timetable for review is shown below.

Office type Review start date Review to be completed by
All LC offices Beginning of July End of August
SI Beginning of September End of October
RIS Beginning of September End of October
LB Beginning of September End of October
Others Beginning of December End of January
LB Beginning of March End of April


The Role Authoriser must check each user still has a valid business case to access the COTAX and CT Online systems in the MUID they are responsible for.


Where the user has, you must:

  • note the Authorised User Register with the date the review was completed
  • remind the user about system security. See COM31050 for further guidance.

Where the user does not, you must:

  • make sure they or their manager use SRS to remove the role from their profile
  • note the Authorised User Register of the date the role was removed from the user.

Role Authorisers may request a list of COTAX users at other times if they need to carry out any extra reviews. You can do this by contacting the COTAX Business Helpdesk(This content has been withheld because of exemptions in the Freedom of Information Act 2000)