TCRM3343 - The Business Risk Review (BRR+): Business Risk Review (BRR+) Assessment indicators: Risk Assessing Across Taxes: Internal Governance

Internal Governance is about assessing the customers’ management accountabilities and processes for managing tax risk as well as their openness and co-operation with HMRC. The CCM and Tax Specialists should also consider the wider structure the customer operates within including, where relevant, how joined up it is with regard to its tax obligations.

Additional Information on Low Risk Indicators

Low Risk Indicator 3 - Group structure charts are held by multinational groups for their own internal governance procedures and the provision of these structures to HMRC supports an open and collaborative relationship. Where the UK is a sub-group of the wider multinational group and is therefore not in possession of a worldwide group structure, if the UK group is able to supply alternative information to assist our understanding of to how they have self-assessed the applicability of various international tax issues then we would take this into account when reviewing the risk rating of the group. If a particular UK entity does not hold the complete worldwide group structure, HMRC expects the UK entity to be able to provide a group structure or other information covering the following:

  • All UK corporates/entities including partnerships, joint ventures and branches
  • Details of all subsidiaries of UK entities, including those where UK has a minority interest
  • How the UK group fits into the ultimate parent company or a diagram showing ownership of UK companies by ultimate parent including all entities in the ownership chain and any overseas holdings structures to the UK sub-group
  • Any overseas entities that the UK group transacts with/deals with and how they fit into the worldwide structure – for example if a UK Company is dealing with a Luxembourg entity, how that Luxembourg entity fits into the group
  • Any overseas entities that are involved in a supply chain with a UK entity
  • Any other entities which entered into transactions that had an impact on UK tax and profits

Low Risk Indicator 4 - Under internal governance customers are required to have fulfilled their filing, registration and/or documentation obligations such as Senior Accounting Officer Legislation, Uncertain Tax Treatment,  Country by Country Reporting, Tax Strategy Publication, the Transfer Pricing Records Regulations, OECD Pillar2 Top-Up tax and Automatic Exchange of Information. Not all Multinational Enterprises (MNEs) will be required to file each of these, please check the qualifying criteria using the relevant guidance. It is the responsibility of the CCM to confirm that the correct filing obligations have been met with the support of the individual Tax Specialists.

Low Risk Indicator 5 -  HMRC cannot and will not give sign-off on 'reasonable procedures'.  Where a customer fails to meet the Corporate Criminal Offence Legislation indicator it will be regarded as High Risk in respect of Internal Governance.

The Internal Governance risk indicators are detailed below along with expectations as to when a customer would be low risk, moderate risk, moderate - high risk and high risk.

Internal Governance Indicators

Introduction

Governance is about assessing the customers' management accountabilities and processes for managing tax risk as well as their openness and co-operation with HMRC.  The CCM and tax specialists should also consider the wider structure the customer operates within including, where relevant, how joined up it is with regard to its tax obligations.    

Low Risk

  • The customer has clear accountabilities up to and including the Board for the management of tax compliance risk and tax planning.
  • The customer has appropriate tax accounting arrangements so as to enable accurate tax reporting.  
  • The customer keeps HMRC informed of how the business is structured and where different parts of the business are located.  
  • The customer has fulfilled its filing, notification (or exemption), due diligence, reporting and/or publication obligations regarding senior accounting officer legislation, uncertain tax treatment legislation, country by country reporting, tax strategy publication and automatic exchange of Information under the common reporting standard or FATCA (if appropriate).
  • The customer appreciates its potential liability under the corporate criminal offence legislation and steps have been taken to profile and manage the risk of failing to prevent the facilitation of tax evasion.  
  • Any significant uncertainties or irregularities identified by the customer are communicated to HMRC promptly.  
  • Transactions or issues with significant tax implications are discussed in real time and communications with HMRC are managed collaboratively.  
  •  Prompt, accurate and helpful answers are provided in response to HMRC's queries and requests for information.

Moderate risk

  • A customer would be expected to be rated moderate risk if it meets the low risk definition except for one indicator.  

Moderate – high risk

  • A customer would be expected to be rated moderate-high risk if it meets low risk definition except for two to three indicators.

High risk

  • A customer would be expected to be rated high risk if it does not meet four or more of the low risk indicators.  

Note:

  • In the event of serious failure of one or more indicators the CCM may determine that the failure has additional weighting and determine the level of risk accordingly.
  • For banking customers – where HMRC has initial or interim concerns regarding compliance with the code of practice on taxation for banks the customer cannot be regarded as either low or moderate risk. Where HMRC has concluded that a bank has breached the code they will be regarded as High Risk.  
  • Where a customer fails to meet the corporate criminal offence legislation indicator it will be regarded as high risk in respect of internal governance.