Senior accounting officers (SAOs) of qualifying large companies (broadly with UK group turnover in excess of £200m) are required to provide personal certification that their accounting systems are capable of delivering accurate tax reporting across all major taxes.
The timing could not have been worse for many companies who were in the midst of a significant recession
These rules were introduced in response to the G20 Summit meetings held in London in April 2009. They were intended to provide increased transparency of the tax affairs of large companies in the boardroom, including obligations to establish and monitor internal controls over tax accounting processes.
The timing could not have been worse for many companies who were in the midst of a significant recession. A combination of certain advisers overselling unaffordable compliance requirements (one firm suggesting that the average annual compliance cost would be £500,000 per company) and HMRC offering a ‘light touch’ approach for year one meant that many decided to perform high level reviews, resourced internally for year one, at least.
The majority of impacted companies are now contemplating filing their third SAO certificate and the typical approach we are finding when talking to them is changing. Whereas previously, many were content to rely on a series of internal sign-offs and high level reviews with perhaps a degree of internal audit scrutiny, this is no longer deemed sufficient.
There is recognition that the use of internal resource alone will undoubtedly have limitations; such as the awareness of and ability to implement best practice from the peer group.
Similarly, it is hard for people providing internal sign-offs on particular taxes or processes to be truly objective about their adequacy, especially if the same individual has been in post for a number of years or was instrumental in setting up the process. The typical internal audit team is also rarely skilled in understanding and testing tax processes; particularly where any element of tax technical judgement is involved.
Coupled with this change, there has been a noticeable shift in view from HMRC. Back in 2009, HMRC’s attitude to SAO could essentially be characterised as reactive. They were content to let companies decide for themselves what an appropriate response might be and were not in any sense prescriptive as to what a compliant approach might look like.
Having been a member of the working party on the original SAO guidelines, I saw first-hand that this was the tone from the top. Indeed, when attending an SAO training session for Customer Relationship Managers (CRMs) as an observer, the clear message being given was to listen if companies wished to discuss their plans, guide them if they were failing to address areas of risk but otherwise not seek to influence at all.
Back in 2009, HMRC's attitude to SAO could essentially be characterised as reactive
The CRMs found this incredibly frustrating, not least because it also meant they were effectively being told not to seek discussions with those companies that did not want to engage around SAO; the very grouping that they considered posed the biggest risk.
In the last few months however, HMRC have shown signs of reverting to their more typical style by enquiring and challenging the approach to SAO. We have seen standardised letters asking for specific details of what the company has done to ensure SAO compliance, how that is monitored and what ‘reasonable steps’ the SAO has taken (as the legislation requires).
In other cases, CRMs have specifically highlighted SAO as an area of focus for the current year, making it clear that they will want to have detailed engagement with the company to fully understand the work done leading up to certification. We should not be surprised at this change; it reflects an increased awareness within HMRC about what good systems process and controls look like and a consequential greater confidence to have the discussion.
Furthermore, some recent high profile interactions between HMRC and large companies have led to criticism that certain CRMs may have become too ‘cosy’ with their large company ‘customers’. This could be a reaction to that criticism.
The key message for companies caught by SAO is clear; the need to engage with HMRC on the subject in much greater detail than before is inevitable. Any work undertaken should bear this in mind; clearly defining the basis of it, assumptions made and any independent views taken. Fringe taxes and processes should not be ignored; many of the biggest problems we have found involve areas such as Customs Duty, Export evidence and termination payments.
Finally, for those businesses not large enough to be caught by SAO there is no room for complacency. Specialist HMRC units are now undertaking in-depth systems reviews for a selection of those companies as well, including multiple days of site visits and the use of data interrogation tools.
It would appear that HMRC have suddenly awoken to the fact that the numbers in any tax return are only as reliable as the systems and processes that underpin them.
Ed Dwan is tax risk partner at BDO