HMRC trials access controls for Agents Services Account
The tax authority has begun testing functionality in the Agents Services Account that will allow agents to control who can access client records from within their practice.
A new feature, which HMRC is calling “granular permissions” or “access groups”, allows Agents Services Account (ASA) administrators within a firm the ability to create groups into which they can add clients and internal team members who need to work on their tax files. Only team members added to a specific group will have access to the clients in it.
HMRC is currently trialling the access control functionality with a small number of tax agents of varying sizes as part of a private beta test. The feature will then be rolled out to the wider agent community – although HMRC has not given a timeframe for this.
Problems with multiple sign-ins have dogged the ASA for several years, in part due to Verify, the government’s previously preferred identity control, being unable to cope with different users logged in using the same agent identity.
There is currently no functionality in the ASA that allows agents to control who in their firm can access client information, and if they know the correct client identifiers all staff within a practice can access all client records and tax services.
Access group features
As shown in a screenshot below, group members can search for clients and filter them by name, tax reference or tax service.
While functionality allows agents to control who in their agency can make changes, save and submit client information, it does not allow them to restrict permissions any further – for example, giving employees read-only, edit-only or submit-only access.
When rolled out to the wider agent community, the feature will need to be actively turned on in the ASA. If practices do not want to use this functionality, they can leave it switched off. Once activated, the feature can be switched off again.
If the feature is accidentally turned off and the ASA administrator(s) have created access groups, they will be able to turn the feature back on and any groups created will still be available.
HMRC has stated the controls won’t be available to larger agencies – which it defines as those with more than 1,000 clients – in the near future, citing user interface issues and potential problems retrieving client data. The tax authority is “exploring what could be possible” for practices with more than 1,000 clients, but did not commit to a timeline as it is “juggling lots of constraints (mainly financial and time)”.
Once access groups are available to the agent community, guidance on the control functionality will be available in the help and guidance pages on the ASA homepage. To prepare for the roll-out, HMRC encouraged agents to identify who the administrators are in their firms.
Only administrators will have access to the new feature from the Manage Account section on the ASA homepage, and firms will need to have appointed one or more administrators with the ability to control access in order to make the system work.
More details of the access controls and screenshots of the feature are available in the following briefing from HMRC: Granular Permissions or Access Groups.
You might also be interested in
Tom is AccountingWEB's technology editor, providing unbiased news and analysis from the accounting tech universe. Got a tech tale to tell? Message me on the site or email [email protected]
Replies (16)
Please login or register to join the discussion.
What a lot of [***], how about spending the money on additional staff to reply to queries quicker or introduce email correspondence (even incoming only). Thsi is only going to apply to big accountancy firms, the smaller firms will never use such a pointless tool!
A year and still no reply despite a complaint and threatening MP action. I am at my wits end and so anxious . Whats going one with HMRC?
We already have this.....
We can select which staff member can access which client, I see no reason it needs to go any deeper than that.
Why don't HMRC actually invest in front line staff rather than this vanity project.
Why is HMRC making a point of trialling this when there appears to have been no meaningful trial of the time-consuming new VAT Registration Service, 30/60-day CGT and all the other systems launched in recent years?
As George Orwell said ''........some ideas are so stupid that only intellectuals believe in them.......''.
But with the unnecessary administration of MTD, the rigidity of CGT reporting, the snailmail HMRC standards and collapse of customer service generally , this is the bureaucratic effrontery we have come to expect - and continue to do so, whilst the incumbent C.E.O. keeps pulling the strings.
Surely having separate user access restrictions is mainly relevant to the larger firms with over 1,000 clients and thus many staff/departments, but it is these firms that are all permanently excluded from the update.
You couldn't make it up!
Muppets!
Once again a complete waste of taxpayers money and resources!!
The agent account and agent services account don't work to an acceptable level at present.
Fix the basics first!!
Lets talk about staff access. If I want to add a staff member so they can access one of your clients you would think that you could see what client your were adding by client name. NO! in HMRC's system the only reference it gives you to add a staff members access is the UTR of the client NO NAME, so you have to go and search in your other systems which client these UTR's are for.
This is just one example of the COMPLETE botched way HMRC does things.
No fit for purpose!
This is fine if and only if they don't create the same problem they did with the old agent account. When we moved from one login per firm to one login per person on that we had to manually, client by client, add all the staff who needed access to them. With four main taxes and over 2000 clients this, literally, took months.
All so we could have 2FA on the logins. Which had never, at least to our knowledge, been subject to any breach.
Whilst I'm a small practice, I would have thought this would have been a better tool, to keep data confidential, secure etc, for the larger practice with over 1,000 clients.
We are a 2 person outfit and if you add up our SA + CT + PAYE + VAT it would be well over 500 registrations.
A simple VAT registered company with a payroll and two directors will have 5......
We already have this farce with having to allocate all new registrations to staff (ie both of us) without any ability to default to "all" which would be sensible.
Oh HMRC, when will you ever learn? Stop giving us agents things we didn't ask for or want to 'help' us. All the problems we currently have with the multiple agent accounts and different log-ins for different taxes and you come up with this. I despair.
OTS Report from February 2022, page 4, para 2:
"Agents also have practical issues in managing staff access to HMRC agent services, the OTS considers it is important that HMRC understand those challenges and work with agents and others or such as software providers, to overcome or minimise them"