HMRC and self assessment fraud

Has anyone had instances where bogus repayment claims have been made for their clients?

Didn't find your answer?

We have encountered several instances of each of the following recently: 

1) HMRC writing to our clients to say that someone has gained access to their self-assessment record fraudulently, and as a result their old SA record has been closed and a new record and UTR opened. 

2) Tax returns being filed without knowledge of us or our clients claiming a refund to be paid to a nominees bank account

3) Long standing clients disappearing off our portal then when we check with HMRC, they say that we are not the agent on their records. The client denies all knowledge of changing agent and is as baffled as we are. 

4) Letters from HMRC sent to clients to 'check a repayment claims', when as far as we are aware no repayment is due. 

 For years, we've had none of these events then all of a sudden they're appearing too often to be put down as just one of those things. I am beginning to suspect HMRC have suffered a data breach and agent authorisations are being changed, bogus repayment claims made and being sent out to the 'new' agent. Who else is experiencing this?    

Replies (6)

Please login or register to join the discussion.

avatar
By Hugo Fair
07th Jun 2022 13:10

There's an increasing amount of this going on ... see https://www.accountingweb.co.uk/tax/personal-tax/taxpayers-duped-by-rogu... for a particularly egregious example recently.

Step 1 - warn your clients NOT to sign-up for any 'reclaim assistance' (it invariably lets rogues over-ride the system from then on)!

Thanks (2)
By ireallyshouldknowthisbut
07th Jun 2022 13:53

Sounds like a lot of lightening to strike one practice unless its quite large. I have a smallish sample size of 100 odd co. clients and 350 personal tax and nothing like this happen.

Is the data breach your side?

Are you sure there is no tracking software installed on your network? We have regular phishing attempts get mailed to us looking like a genuine enquiry of the 'please open the spreadsheet' type. That must be to get access. An IT specialist should be able to identify any odd usage of your network, 3am that type of thing.

Could it be closer to home and an ex-staffer with an axe to grind?

When did you last change all your log-ins?

Thanks (1)
Replying to ireallyshouldknowthisbut:
avatar
By Paul Crowley
07th Jun 2022 15:10

We are the same size as you on companies and SA
I would agree your opinion on probable cause. Data breach at accountant end not HMRC
Definitely get a good IT expert to Fine comb looking at malware and the like

We recently had 2 people 'sign up' on a dubious website for marriage allowance claim but neither dislodged us as agents. One thinks they cancelled in time, the other just had a big fee and really does not want to talk about it

Thanks (1)
Replying to Paul Crowley:
avatar
By Hugo Fair
07th Jun 2022 17:36

OP's example type 1 is the one I find most worrying (if only because I've not heard of it previously - although it could be the result of HMRC identifying any of the other types 2, 3 or 4).

The other 3 types are all reasonably common IF the client has signed up with one of those 'refund claim handlers'. Client may be too embarrassed to admit having done so, or may simply not realise that one action has led to all the other actions.

So, irrespective of the possibility of some data breach at OP's end (which would be serious so needs to be properly investigated AND improved procedures put in place for the future if necessary) ... I would always advise any practising member of this site to warn their clients (whether individually or via a newsletter or whatever) of the very real dangers if they sign anything with those rogues - even if client thinks it's just a one-off (and didn't want to bother you).

Thanks (3)
By K81
08th Jun 2022 08:35

only had this happen once many years ago & the security breach was the clients computer.

Thanks (0)
avatar
By Brightster
08th Jun 2022 11:25

Thanks to everyone for taking the time to reply.
Yes I agree a lot of lightning for one firm but some (not all) of these issues pre-date our engagement, which is why I asked the question to gauge how common they are.
We are sure there is no data breach our side. we have very robust IT and it is checked, and passwords changed very regularly.
HMRC are, as usual, particularly unhelpful giving us or the clients any idea to help us to get to the bottom of what is going on, so we have no idea as to what constitutes fraudulent access resulting in the closure of the SA record, or whom the new agents/nominees are - which may have helped us and the clients understand.

Thanks (0)