SA REFUND; DEFRAUDED BY UNKNOWN PARTY

SA REFUND; DEFRAUDED BY UNKNOWN PARTY

Didn't find your answer?

Bit of a strange one this and would love some feedback please.

A new client (subby) came to me last week clutching a repayment notice showing a large refund for 2013/14 paid to a nominee that he has never heard of.

He filed his own return in August via his own gateway log in an received his tax refund  but this latest refund is on top of the old one. His password no longer works to log in.

I applied for online authorisation and today it appeared on our hmrc clients list and an amendment to the return was made on 5/2 and the refund issued on 14/2.

I can see the bank details of where the  refund has been issued to.

It seems clear to me that someone has got hold of his log in details and defrauded hmrc out of this money. I called hmrc today but the agent authorisation  hasn't filtered through yet even though its on my online clients list.

My concern is that hmrc will amend the return back to how it was and my client will be liable for the money!!

Has anyone encountered anything similar or got any thoughts?

cheers

Replies (6)

Please login or register to join the discussion.

avatar
By duncanedwards
06th Mar 2015 15:41

Suggest
Your client reports it to the Police as well as HMRC.

Thanks (0)
RLI
By lionofludesch
06th Mar 2015 15:50

IT expert

At least your client has got the refund he was properly due to.

I've not come across this but, if your worst fears prove to be founded, it may be necessary to get some IT expert to review security to see how the client's account has been hacked.

And - definitely - treat it as theft and report it to the peelers.

Thanks (0)
David Winch
By David Winch
06th Mar 2015 16:16

Before doing anything else check with the client if those bank details mean anything to him.  If you have a sort code you should at least be able to identify the bank & possibly the location of the branch (although some banks have non-geographical branches).

Could it be the client's domestic partner or a family member who has done this?  Or a previous accountant?

The client may not want the police involved (although you may be obliged to make a report under MLR 2007 / s330 PoCA 2002).

If it is a case of some unconnected hacker then I suspect HMRC will be sympathetic.  Has the client recently had an email from HMRC requesting him to login to the system?  In other words has he been duped by a bogus email?

David

Thanks (0)
avatar
By Ned Ludd
06th Mar 2015 16:23

thanks for your input guys.

 

the bank account is not a common one; it means nothing to the client.

he says he has had no dodgy e mails purporting to be for hmrc

ive asked whether he's left his log in details lying around in the digs he's been stopping in for work and he says definitely not.

he did say though he had a government gateway replacement password through. that password doesn't work either.

the surname of the nominee is a foreign name and when I google it it is a name that 15% of all nationals from that country have.

 

 

 

 

 

Thanks (0)
David Winch
By David Winch
06th Mar 2015 16:35

Report it to HMRC pronto

I suggest you report it to HMRC pronto in that case (but with the client's agreement obviously).  Also do a brief Suspicious Activity Report (referring to it having already been reported to HMRC).

I don't think you need bother the local police with it.  HMRC have their own investigators & can prosecute if it comes to that.

Log it with Action Fraud or suggest the client does that.

David

Thanks (0)
avatar
By bernard michael
07th Mar 2015 11:00

In case you haven't already got the full information this link will enable you to identify the bank and branch address  I suggest you also write to it's Head Office and the branch with the problem

http://www.postcodeanywhere.co.uk/demos/bank-validator/

Thanks (0)