Criminal Finances Act: another change to the corporate legal landscape

With investigations such as the Paradise Papers and LuxLeaks placing tax arrangements squarely under the spotlight, it seems clear that businesses as well as wealthy individuals need to consider tax planning from a reputational as well as a legal perspective. In the eyes of the public, there is scant difference between tax evasion and aggressive tax avoidance.


While the Criminal Finances Act (CFA) makes no changes to the definition of tax evasion and avoidance, it does place a new burden on corporates, through the failure to prevent the facilitation of tax evasion offence. This will oblige companies to pay much closer attention to their tax and payment structures to ensure that they can effectively mitigate the risk of any facilitation of tax evasion either directly or via third parties such as tax advisers.

Much of the analysis of the new Act has focused on this aspect of the legislation, presuming that it will be aimed at lawyers, financial advisers and accountants who assist with setting up trusts and structures that minimise tax payments. However, in reality the reach will be far wider in terms of who faces liability. All companies that have a presence in the UK must comply with the new legislation.

While the Act makes provision for a reasonable procedures defence, this will require corporates to scrutinise their policies and systems around tax and payments extremely closely, most likely investing time and resources to ensure that robust processes are properly developed and embedded.

The Act also enhances the ability of law enforcement agencies to freeze and seize assets obtained through gross human rights abuses (GHRA) or activities that support them. Arguably this goes further than the Modern Slavery Act in addressing human rights abuses, applying as it does to any organisation, irrespective of size, doing business both inside and outside the UK and imposing sanctions in the form of asset confiscation.

Under the Criminal Finances Act, gross human rights abuses are defined as prohibited conduct against a protected person (including whistleblowers and human rights defenders). Prohibited conduct includes cruel, degrading or inhuman acts such as forced labour or human trafficking. Land grabbing is also considered an act of gross human rights abuse.

However, unlike the CFA’s provision for tax evasion, there is no ‘reasonable procedures to prevent’ defence available for gross human rights abuses. Businesses will therefore need heightened due diligence procedures and to carry out meaningful human rights impact assessments to be sure they are not engaging in activities connected to GHRA. Failure to do so could be costly. A business selling jewellery containing conflict diamonds could be at risk of enforcement action. Even if a company avoided the confiscation of assets, these could still be frozen during proceedings creating potential financial, operational, legal and reputational problems for the company during the process. Businesses with operations in areas where human rights abuses can be commonplace need to be particularly vigilant.

Enhancing controls to ensure that businesses really know their suppliers and third parties will be essential. Businesses are already under pressure to do this, so any additional scrutiny to comply with the Criminal Finance Act will also assist with anti-bribery and anti-money laundering controls as well as Modern Slavery Act compliance.

At a recent GoodCorporation business ethics debate, it was felt that the Criminal Finances Act will have a real impact on the corporate legal landscape, requiring businesses to make some significant changes to their existing policies, practices and controls. A quick policy refresh will be insufficient. Government guidance has been published and while some have criticised it for lacking detail, it will be familiar to most organisations as it mirrors the Ministry of Justice guidance on the Bribery Act, focusing on six guiding principles: proportionate procedures; top-level commitment; due diligence of staff, third parties and clients; communication and lastly, monitoring and review.

Businesses should begin with a risk assessment, reviewing their organisation’s tax and payment structures, including that of overseas entities, suppliers and partners, to have a clear understanding of the ways in which tax evasion might be facilitated anywhere in their operation. Once this review has been completed, the risks need to be categorised and prioritised with appropriate mitigation strategies devised and implemented.

Safeguards against tax evasion will need to be built into other business functions such as sales and marketing, finance and procurement as well as government and regulatory affairs. Appropriate controls will be needed to ensure that supplier and third-party contracts have clauses on preventing tax evasion, with auditing rights that are exercised as needed.

Once appropriate controls have been identified to mitigate the salient risks, these should be enshrined in a criminal finances or broader financial crime policy that is adopted at board level and regularly reviewed. It should be noted however, that none of the procedures around failure to prevent should preclude normal and legal discussions around tax.

Awareness of policy and procedures must be high, so a training and communication programme will be needed to ensure that staff are aware of the new legislation, the risks to the company, the differences between evasion and avoidance and the measures in place to mitigate those risks. Implementation will need to be kept under review to ensure that the new systems are properly embedded and working effectively. This will also help identify any further training requirements.

Complying with a reasonable procedures defence can be challenging for companies as it clearly involves a real investment in time and resources. It will also be necessary to ensure full commitment at board level. The demands of the legislation and the obligation to prevent provide companies with valid reasons to ask some challenging questions. For many this is likely to drive a real culture change. However, this should reap rewards in the long-term. The demands of the Criminal Finances Act go beyond legal compliance. Companies are most at risk from the activities of third parties so implementing rigorous systems and controls to better manage these relationships should be viewed as part of responsible corporate risk management. Developing best practice in these areas not only reduces the risk of enforcement action, but also builds reputation and strengthens relationships.

GoodCorporation has been working with businesses for 17 years to test, strengthen and embed effective ethics and compliance programmes. Our anti-corruption and integrity compliance frameworks have been used by FTSE 100 and CAC40 organisations to evaluate and measure the effectiveness of their ABC and anti-fraud, collusion and coercion controls.