GDPR tax reclaim scheme preys on fears of SMEs

Small businesses have been warned to avoid companies offering them a way to claim tax refunds through a fake scheme linked to money they set aside to pay potential future General Data Protection Regulation (GDPR) fines.

Not-for-profit Tax Policy Associates said there are tax advisories offering small businesses, and IT suppliers in particular, a service that promises tax cuts on reserves put aside to cover possible fines for GDPR failures.

Tax Policy Associates founder Dan Neidle said these firms claim their work will help small businesses receive large tax refunds, and their charge is 30% of any refund. The scam was brought to his attention by accountants working for IT companies, which he said are an ideal target given that they may be most aware of and worried about GDPR compliance.

Tax Policy Associates warned that while HM Revenue & Customs (HMRC) was unlikely to scrutinise the claim immediately, and would therefore process the refund, it would review it later and then demand the money back. In the meantime, the small business has paid an advisory 30% of the refund it will have to pay back.

If organisations don’t comply with the GDPR, legal consequences can include large fines of up to 2% of annual global turnover. However, HMRC does not permit tax relief for these fines. 

Neidle said the fake reclaim scheme doesn’t work: “It fails so badly that those pushing it are either guilty of incompetence or fraud.”

Services being offered by the firms include assessing the level of risk in relation to GDPR and helping businesses restate accounts to back-date reserves made for potential GDPR fines.

“This is not tax planning, not tax avoidance, just plain fraud,” said Neidle.

“Making reserves for real anticipated liabilities is absolutely something legitimate for companies to do,” he added. “If my IT company messes up a contract with you, and I expect you’ll sue me for £1m next year, then it’s completely legitimate (and good prudent accounting) to make a reserve for £1m in my accounts this year. You’d get a tax deduction for this because it represents a real anticipated loss.

“If you really thought you’d get a GDPR fine, you’d do the same. But that’s most unlikely for almost all companies, and fines aren’t tax-deductible.”

Tax Policy Associates has called on HMRC to list the GDPR scheme in its “spotlight” of tax avoidance schemes that don’t work.

“HMRC needs to start prosecuting advisory firms that promote tax avoidance that cannot possibly work. It’s not avoidance, it’s fraud. And if HMRC thinks a prosecution is too hard under current law, the law should change,” said a Tax Policy Associates statement.

“We have a whole panoply of rules to stop tax avoidance and people who promote it. Those rules generally work. But modern ‘tax avoidance’ isn’t avoidance at all – it’s fraud – and civil law rules to stop avoidance are very little deterrent. Only the prospect of criminal sanctions will change the incentives.”