Save content
Have you found this content useful? Use the button above to save it to your profile.
gdpr
Istock_lucadp_gdpr

Small companies fall for GDPR tax credit con

by

A fake tax scheme promoted to small companies plays on the fear of large fines for data loss or misuse under general data protection regulations (GDPR).

4th Jul 2023
Save content
Have you found this content useful? Use the button above to save it to your profile.

The Information Commissioners Office (ICO) is responsible for enforcing penalties under the Data Protection Act 2018, which enacted the GDPR. 

The maximum financial penalty for misusing data under this law is the higher of 4% of the organisation’s worldwide annual turnover and £17.5m. The standard maximum penalty that can be imposed for breaches of the administrative requirements of GDPR is the higher of: 2% of turnover and £8.7m.

Either figure could bankrupt a small company if it was imposed.

Greed 

Small and medium sized companies, particularly in the IT sector, are being approached by various firms offering a service that checks their risk of a GDPR fine and offers a way to pay for this service while receiving a substantial corporation tax refund. 

If this sounds too good to be true, it is. What the promoters are offering is a fake tax scheme that can’t work and is positively dangerous to any company that uses it.

The sales pitch

The fake tax scheme has five stages:

  1. The “GDPR experts” produce a report detailing what level of financial penalties the company could face for GDPR non-compliance.
  2. This figure is used as a provision for the estimate GDPR penalty costs in the company’s accounts. The promoter calls this claim a “GDPR tax credit”, but there is no such tax relief in the legislation. 
  3. The company adjusts its accounts for an earlier year (or three!) to include this provision that reduces taxable profits. 
  4. The tax return for the earlier period is amended to reflect the lower taxable profits, which triggers a tax repayment.
  5. The promoter of the fake tax scheme takes a fee of 30% of the tax repayment, plus VAT.          

Why it doesn’t work

All good accountants know that the requirements of accounting standard FRS 102 para 21.4 determine that a provision for a future cost can only be made when:

  • The company has an obligation to pay a cost, which has been established by the reporting date for the accounts, and arises due to a past event; and 
  • It is probable (i.e. more likely than not) that the company will be required to pay that cost; and
  • The amount of the cost can be reliably estimated.

The GDPR penalty provision fails on all three points:

  • It has not arisen due to a past event, it has been invented at some point after the reporting date.
  • It is not “more likely than not” that the company will have to pay a penalty to the ICO or a civil claim for a breach of GDPR law. 
  • As this liability is not probable, it cannot be reliably estimated in line with the guidance in HMRC’s Business Income Manual (BIM46555).    

Even if the provision did meet the three tests in FRS 102, para 21.4, it fails at a higher level as any penalties for GDPR beaches, or civil punitive damages for such a breach, are not tax deductible costs.  

Storing up trouble 

If a company does make such a provision in their accounts for an unquantifiable GDPR fine and claims a tax repayment, HMRC will probably pay the claim automatically with little upfront checking.

However, once HMRC realise the company has used the fake GDPR tax credit scheme it will open an enquiry into the company. The tax repayment at the centre of the scheme will have to be repaid in full, with no deduction for the fee paid to the scheme promoter, plus interest at 7.5%.
HMRC will also charge a penalty for a deliberate inaccuracy in a corporation tax return which could be up to 70% of the over-claimed tax.

Tax Policy Associates have found seven different firms who are promoting this GDPR tax credit scheme, including the Guild of Master Craftsmen, which appears to be a genuine association of crafts people.
Dan Neidle, founder of Tax Policy Associates is scathing about these promoters, he says: “The whole idea fails so badly that those pushing it are either guilty of incompetence or fraud.” 

Tags:

Replies (20)

Please login or register to join the discussion.

By Ruddles
04th Jul 2023 18:05

A useful reminder to accountants and their clients but I think it only right and proper to acknowledge that this was first (at least it was the first I was aware of the issue) brought to the attention of the AWeb community well over a year ago by Justin.

Thanks (11)
Replying to Ruddles:
avatar
By Hugo Fair
04th Jul 2023 20:27

Yup, my under-developed sense of déjà vu quivered instantly when I read the title.

But talk of missed opportunities ... why hasn't HMRC obtained the client-lists of the known promoters? It would then make shooting fish in a barrel seem complex!

Thanks (5)
Replying to Hugo Fair:
By mydoghasfleas
05th Jul 2023 10:57

I do not think HMRC has the capacity. The fish in a barrel helpline has closed so the fish can be assigned to other duties

Thanks (2)
Replying to Hugo Fair:
avatar
By Justin Bryant
05th Jul 2023 11:07

Without wanting to also accuse you of plagiarism, if you read my original post on this dodgy GDPR provision scheme from 1 1/2 years ago, you'll see that that was my suggestion (I'm not expecting any reward from HMRC mind you!)

Thanks (2)
Replying to Justin Bryant:
avatar
By Hugo Fair
05th Jul 2023 12:25

Apparent plagiarism can actually be mere coincidence ... as in when minds (great or otherwise) think alike.

My observation was merely made in the spirit of 'stating the obvious' (having discovered over the years that the obvious often eludes many and so is worth stating)!

Thanks (1)
Replying to Ruddles:
avatar
By Self-Employed and Happy
05th Jul 2023 09:52

I knew I had seen this before when reading it!

Thanks for keeping my sanity in check for another day.

Thanks (2)
avatar
By Justin Bryant
04th Jul 2023 20:28
Thanks (2)
Replying to Justin Bryant:
avatar
By Justin Bryant
05th Jul 2023 09:27

In fact, I note that DN has completely ripped off my comments/analysis from early last year on this dodgy GDPR provision scheme without giving me any credit/acknowledgment. He even cites this case in support for his analysis (re W&E) which was in this link in the subheading of my above post!

https://www.accountingweb.co.uk/any-answers/interesting-ct-we-case

"A tax tribunal recently used that principle to deny a business a tax benefit from a reserve created for unfunded pension liabilities – which were much more real than these fictional GDPR liabilities."

What a plagiarist (he admits he's done a Google search of the scheme and so would have seen my above original post on the 1st page - at the very top probably)!

It's a good job that Aweb allows us to call out this sort of thing (i.e. exposés on purported exposés).

Thanks (3)
avatar
By ColA
05th Jul 2023 09:54

It’s always worth examining the credentials of those supporting eclectic ‘tax/money’ saving schemes.
GMC is Lewes-based and registered with Companies House.

Thanks (0)
avatar
By brianheg
05th Jul 2023 09:56

I had this pitched to me in 2021. I did not recommend it to clients.

Thanks (0)
avatar
By rmillaree
05th Jul 2023 10:18

Do the new rules where companies now have to pre register to do r&d claim giving details of responsible officer give us some confidence the worst of this farce may be over. IMHO hmrc should have a 5 minute chat with every r&d responsible individual to "suss" out how genuine each claim is - i supect hmrc wont go far enough in that regard. Note questions should alwasy start withn the hardest bit - ie is your claim actually something actualy eligigible or are you stretching borderlines somewhat to make claims ?

Thanks (0)
Replying to rmillaree:
avatar
By Justin Bryant
05th Jul 2023 10:21

This ain't nothing to do with dodgy R&D tax credit claims. (I'm guessing even DN wouldn't have the brass neck to claim he's the one clever person responsible for exposing all that R&D tax relief dodginess too.)

Thanks (0)
Replying to rmillaree:
avatar
By Self-Employed and Happy
05th Jul 2023 10:50

You are forgetting for your suggestion to even be a possibility HMRC would need competent staff, a rarity unfortunately.

Thanks (0)
avatar
By MKWoody
05th Jul 2023 11:58

I read The Niedle article with interest. It was noteworthy that he is ex Clifford Chance, a respected law firm which only last year wrote that these kinds of liabilities were ‘no longer theoretical but real’. It would be a Luddite who now does not recognise that personal data comes with risk. It would be odd not to recognise the GDPR accords automatic rights to compensation for infringements of those rules. It is impossible to ignore the fact people are now very well aware of their rights and pursue them. A UK Government report recently stated that in the previous year at least 54% of all UK businesses had been breached and lost data. That means on the balance of probabilities they are all exposed to claims. You can choose to ignore the reality if you wish…Just press delete.

Thanks (0)
Replying to MKWoody:
avatar
By Hugo Fair
05th Jul 2023 12:20

"A UK Government report recently stated .." - source please (with link)?

You obviously have 'skin in the game', but need more than vague assertions that don't stand up to close reading.

Clifford Chance would be *appalled* to see you claiming (by inference) that they endorse this 'scheme' ... it isn't even a scheme as it's based on a mix of, being generous, a lack of understanding of accounting rules and deliberate misrepresentation.

And don't worry ... 'delete' is exactly what is sought for this ludicrous fraud.

Thanks (1)
Replying to Hugo Fair:
avatar
By Justin Bryant
05th Jul 2023 12:54

MKWoody's clearly a mate of Hooper00 or one and the same.

Thanks (1)
Replying to MKWoody:
By Ruddles
05th Jul 2023 16:20

Well, if we humour you for a second, and accept that in certain limited circumstances it might be appropriate to recognise a provision in the accounts, tax relief would nevertheless be denied. So what have you gained? A hole in the balance sheet, that is all.

Thanks (1)
Replying to Ruddles:
avatar
By MKWoody
08th Jul 2023 15:48

The tax relief will be allowable on the compensation due to individuals for distress caused by data breaches. No tax relief is allowable on the fines / penalties (as is normal practice).

Thanks (0)
Replying to MKWoody:
avatar
By Hugo Fair
10th Jul 2023 14:06

So how would any putative compensation (supposedly paid to individuals who have suffered distress caused by a data breach) be of any relevance to the mug companies who have 'invested' in this fairytale of a scheme?

Thanks (1)
David Ross
By davidross
06th Jul 2023 10:14

I'm not so sure that The Guild of Master Craftsmen Services Ltd and its associated companies are anything more than a private enterprise set up to take subscriptions for profit (£100 company, not limited by guarantee). Companies House records are available during your coffee break!

Therefore its marketing of a scheme like this does NOT seem to be out of character.

Thanks (0)