Beta This part of GOV.UK is being rebuilt – find out what beta means

HMRC internal manual

Tax Compliance Risk Management

The Business Risk Review (BRR): Overview

The Business Risk Review (BRR) is the process by which we evaluate and discuss with the customer where we think they sit on the compliance spectrum and in particular whether they meet the criteria for Low Risk. It is based on the principle that, while factors such as the size and complexity of a business create their own risks and can make it more challenging for customers to comply with their tax obligations, even the largest and most complex businesses can be classified as Low Risk if they mitigate these risks to an acceptable level through their behaviours. The results of the BRR inform both our overall approach to a customer (Low Risk or not Low Risk) and, in the case of customers who are not Low Risk, the focus of any future Risk Assessment activity.

The BRR will take place at least annually for customers who are not Low Risk. For Low Risk customers a BRR will, in general, be carried out on a three year cycle.

The BRR process involves the following steps:

  • Considering the inherent level of tax compliance risk the customer represents because of the complexity or size of their business and the amount of change affecting them;
  • Considering the effect of the customer’s behaviour on this inherent risk - does their relationship with HMRC, their systems and processes and their approach to tax planning tend to increase or decrease this inherent risk?;
  • Considering whether there are any unexplained trends in the amount of tax they pay which suggests that any of the conclusions reached on inherent or behavioural risk should be revisited;
  • Agreeing the customer’s overall risk status; and
  • Agreeing any action required to reduce the level of risk.

The process is summarised graphically.

Overview flowchart (Word 33KB)

Overview text version (Word 25KB)