Property Capital Allowances – help with your HMRC enquiry

Property capital allowances banner image

HMRC enquires can be time-consuming and costly

Here we share how our property capital allowance claim helped our client draw their enquiry to a close!

An individual or a company may experience many or few HMRC enquiry’s during their working life cycle. It’s an experience very few (if any) would welcome and once an enquiry has started, it very rarely has a swift or stress-less conclusion.  Capital Allowance Review Service continues to build its clients numbers and technical prowess when working with clients and completing their Property Capital Allowance claims.

About the Enquiry

Our client based in the Midlands had been subject to a lengthy HMRC Enquiry into routine compliance issues.  Naturally, the enquiry had been a slow, drawn-out process showing no sign of conclusion.  There was a Property Embedded Capital Allowances audit being carried out on the group properties which produced a figure of £984,000 in unclaimed Capital Allowances.  The inspector was informed that the claim was going to be submitted and it was felt the correct course of action was to inform the enquiry team at an early date so they could include it in their deliberations.

As a result, a meeting was arranged with HMRC.  The inspector perused the working papers of the claim and immediately offered to agree to two-thirds of the claim.  The offer was rejected and it was explained how the numbers had been compiled and that they were quite welcome to scrutinize the due diligence applied when putting the claim together.  Following a conversation as to what HMRC hoped to achieve through the enquiry, it appeared that the tax they had in mind was a large number but would easily be ‘blown out of the water’ by the Property Capital Allowance claim.

Result!

It was agreed there would be a payment to HMRC of outstanding tax which was to be recovered by the taxpayer the following year. The Property Capital Allowance claim was agreed in full and the enquiry was closed.

Conclusion

If an enquiry or investigation is ongoing and the individual, partnership or company has commercial property interests, there is a distinct chance the conclusion of HMRC can be mitigated and the time-scales reduced.

PLEASE NOTE THAT IF THE ENQUIRY HAS BEEN COMPLETED WITH A SUCCESS TO HMRC, A CAPITAL ALLOWANCE AUDIT COULD RECOVER SOME OR ALL OF THE COSTS & PENALTIES.

Contact Us

If you need help with any current investigation, or property related capital allowance issue please contact Chris Roberts, 01782 749842.

This article has been reproduced with the permission of the Capital Allowance Review Service, who are featured on the Landmark Partner page

The original article is available here

GDPR compliance for accountants

GDPR compliance for accountants

The dust has settled, the 25th May 2018 has passed… All businesses, including accountancy practices, in the UK are now compliant with the new “all bells and whistles” data protection legislation: the General Data Protection Regulation, otherwise known as GDPR. Or are they?

GDPR compliance for accountants in 12 steps

This article details the steps I have taken, as a professional accountant, towards GDPR compliance for my own practice. It follows the 12 steps from our workbook solution but, whether you chose to use our workbook or not, I hope the article will give you a good overview of the key steps to follow to achieve GDPR compliance for your own accountancy firm.

In the lead up to the May 2018 deadline the ACCA backed a workbook solution to GDPR compliance for accountants that I co-authored with GDPR Auditing Ltd. The version we produced is written specifically for accountants. Demand for the workbook was significant and as an aid to subscriber firms I wrote a log of my progress, completing the twelve sections of the workbook for my small practice. A copy of these notes are reproduced below.

My experience of completing the 12 steps to GDPR compliance for accountants is documented below:

STEP 1 – Assigning responsibility for GDPR Compliance

Our Workbook (Tab one) is described as “Data Security Owner” (DSO). Under the GDPR someone needs to take responsibility for steering a business through the compliance process.

On the face of it, this is a simple decision for me as I am a sole trader and I have no staff. My choices are:

  • Take on the role myself, or
  • Delegate the role to a qualified 3rd party

I considered approaching my IT support company, but now I know more about GDPR, I have a sneaking suspicion that I know more about the process than they do.

I could also ask my colleagues at GDPR Auditing to do the work for me, but this quite rightly, would involve additional costs and it would defeat the object of this present exercise, which is to path-find the whole process for practitioners.

Most sole practitioners will find themselves in a similar position to me, larger practices may have a number of individuals who are suitable to take on the role. Before making a decision make sure you read through the three checklists on sheet one of the Workbook, as these will guide you on the duties, qualities and responsibilities that a DSO will need to embrace.

I have minuted that I will be the Swan Partnership Data Security Owner and I have applied myself to changing the “No” entries on my DSO checklists where appropriate.  The checklists are split into three sections:

  • Duties on the DSO
  • Qualities of the DSO
  • Organisations responsibilities

Some of the first section can only be completed when other parts of the process are completed, but I have managed to select “Yes” or “n/a” to most of the sections and this is a checklist that I will return to in due course.

STEP 2 GDPR Workbook – completing Record of Processing

The second step in my progress towards GDPR compliance is to complete the next page in my GDPR Workbook, the Record of Processing.

What is the Record of Processing?

It is an editable list of the variables that are used to create the various reports and tables throughout the Workbook. In effect, its a record of information about your practice and a description of certain data that describes the types of personal data you manage and other standard statements required by the GDPR.

Much of the work is already done for you

You will need to read and edit the information in column D of the Workbook sheet, it’s highlighted in blue. In my case, I changed the practice information and made minor changes to the pre-filled standard statements.

STEP 3 – Editing the Data Retention Schedule

The third step is a review and edit of the entries in the Data Retention Schedule.

What is the Data Retention Schedule?

The Data Retention Schedule is the place where you record various information about ALL sources of personal data you hold; whether this be of clients, prospects, staff or other business contacts.

In a nutshell it lists a variety of record types that cover the data, who looks after it, any basis for retention and other considerations required under the GDPR.

Again, much of the work is done for you

Before you panic, I pre-populated the first twenty lines of the Schedule with a generic description of most of the data records an accountancy practice will create. Accordingly, all you will need to do, as I have just done for the Swan Partnership, is edit, add or delete to mirror your practice data retention routines. In particular you should list the names of third-parties in column M of the worksheet, who are sent your personal data records.

STEP 4 – create a Privacy Notice for your online resources

This week my GDPR chore was to edit the Privacy Notice in the Workbook and send it to my website developer.

What is a Privacy Notice?

The Privacy Notice is required to be accessible from any online resources that you use to collect personal data. Your website is the prime example, but it could be Facebook, Twitter or other social media platform that your practice uses. The Notice explains how you respect, protect, collect and otherwise manage the personal data collected from your online platforms.

Do I have to create this document from scratch?

No… The Workbook creates the basic document based on the information you have already entered in steps 1 to 3. However, you will need to edit the copy. I suggest you follow the process I completed today. It was:

Edit the Workbook page for Step 4, you can edit the text where necessary (The key section is columns D and E). Don’t worry too much at this stage about layout, fonts etc.
When you have completed your basic edit highlight the range D4 to E125, right click and Copy, and paste into a new Word document. From here you can tidy up formatting and use this document to send to your web developer(s).

STEP 5 – create a privacy notice for your employee contracts

This part of the process was to edit the Privacy Notice in the Workbook and incorporate the finished document into my employee contracts. I need to confess that I have no employees, but I did edit the worksheet so that I could report on what is involved. Sheet 5 builds a privacy notice that communicates the way in which you manage the personal data of your staff.

Do I have to create this document from scratch?

No… The Workbook creates the basic document based on the information you have already entered in steps 1 to 4 and the standard copy we have added. However, you may need to edit the text. I suggest you follow the process I completed today. It was:

Edit the Workbook page for Step 5, you can edit the text where necessary (the key section is columns D and E). Don’t worry too much at this stage about layout, fonts etc. The blue text cannot be edited on this page, it is drawn from sheet 2, The Record of Processing, you will need to access sheet 2 if you want to edit this part of the text. The black text can be edited.

When you have completed your basic edit highlight the range D4 to E173, right click and Copy, and paste into a new Word document. From here you can tidy up formatting and use this document to incorporate into your employee contracts.

STEP 6 – create Client Agreement Notice

The GDPR requires that we are conscious of the terms we agree with persons who share their personal data with us. For accountants this is normally covered in terms and conditions that accompany client engagement letters.

Step 6 of our GDPR Workbook draws out the issues that need to be covered. Most of the information on Step 6 is drawn from the Record of Processing. Basically, the black copy can be edited.

No short cuts, just need to read the copy and change as necessary.

Changes to your letters of engagement?

The final section is important, the example contractual terms. You should already have something similar in your existing engagement letters. Edit the text on your workbook and then copy and paste into your present documents. This may cause complications if your professional overseers determine what goes in your T & Cs and engagement letters. If the two are at variance you should take up the differences with your professional body.

STEP 7 – Marketing Consent

Sheet 7 of the GDPR Workbook covers the gritty subject of consent. It is a checklist recording that you have considered, acted on and reviewed your obligation to seek, obtain and record consent where this is required by the GDPR. For each item listed on the checklist you need to change the status of the Check column to read “Yes” or “n/a”.

This section of the workbook is targeted, for accountants, at their business prospects, those individuals who in the past have informally consented to receive your newsletter or other marketing communications.

However unnecessary the process may seem. To comply with the GDPR your continuing consent to send marketing information needs to be evidenced from 25 May 2018.

How do we obtain consent?

I recommend that you login to your user portal, goto the 12-Steps(L) link and open and read the Consent PDF. Basically, there is no quick fix to this part of the process.

Consult with your marketing advisors

Most practices use a third party process to send marketing information. I suggest that you contact them and ask for a written assurance that the processes set out in the GDPR, and enshrined in your Workbook checklist, are observed. If not, you will need to re-think the way that your practice gathers and evidences consent and contact your existing marketing lists to seek adequate consent.

Do I have to seek separate consent to email clients with marketing material?

If your terms and conditions and letters of engagement include a statement that you send out “marketing” information to clients from time to time – and clients were able to opt in or out of this at the time you signed them up – then this should be considered sufficient consent. In which case further consent should not be required. However, this consent should not be bundled with the contract. i.e. you would be hard put to argue that receiving marketing and newsletters was a precondition of the accounting services.

Won’t I lose most of my marketing contacts?

When I first considered this issue of consent for my own businesses I realised that my existing records of consent were non-existent, and that I would need to start again, sending out requests for a formal (double opted-in) consent from contacts to cover the GDPR requirements. I will undertake this work before 25 May. Although this may result in the loss of 90% of my marketing contacts (and there are thousands) realistically only 10 or 15% open my marketing emails. So having a “willing to participate” list, all-be-it much reduced, is perhaps a worthwhile housekeeping process.

In summary

Time to bite the bullet on this issue. Read the Consent PDF, speak with your newsletter/marketing managers, if necessary, re-enrol your marketing lists in accordance with the GDPR and then complete your check list on sheet 7 of the Workbook.

STEP 8 – Security Awareness Log

This part of our workbook records that your staff have read and acknowledged their responsibilities under the GDPR by reading your practice Information Security Policy.

What is an Information Security Policy?

We have published a guide “Information Security Policy” on our support portal, the Supporting Documents section. The introduction to this document says:

This Information Security Policy is designed to provide your organisation with detailed guidance on common IT processes and procedures, and some good practice. It is intended to cover the Information Technology required for the GDPR.

In other words, it informs staff how they need to behave when using IT and data in your practice.

What do staff need to do?

To complete this section you will need to direct your staff to read our detailed Information Security Policy Review. This is a supporting document you can access on your GDPR support portal.

Record individual compliance with this obligation on the Workbook log, section 8. For completeness, you should ensure that you download the draft Security Awareness Training acknowledgement and each staff member should sign as appropriate.

Is this a one-off exercise?

You will need to repeat the process annually, for existing staff, and as part of your induction processes for new staff. If the rules change we will update the various guides and templates.

STEP 9 – 3rd party contracts

This section of the Workbook deals with issues arising from the placement of personal data under your control with 3rd parties. For example, subcontractors and software vendors where your data is held in the cloud.

No short cuts here

Without confirmation that these 3rd parties are GDPR compliant it would appear that lapses in their security arrangements then become your problem.

The last three sections of this page provide details of the sorts of terms that should be included in contracts, whether you are the Controller or Processor in the arrangement.

Resources in the support portal

You should also read the guide (step 9) set out in the “12-Steps” section of the support portal. You can also download a “Draft request to send to 3rd parties” that you can adapt (see the Templates and Downloads section of the support portal).

Practical issues

For me, the major issue is chasing up software vendors. Once you are confident of the terms you need to agree with 3rd parties, you will need to be persistent to secure their confirmation that contracts in place confirm GDPR compliance.

STEP 10 – requests from data subjects

Action is only required here when you receive a formal request from a data subject for details of the personal data you hold.

The Workbook log includes statutory deadlines and maps the way you have dealt with requests.

For background on your responsibilities in this area read the Step 10 support notes.

Pleased to say there are no entries thus far in my log…

STEP 11a and 11b record of data breaches

From a GDPR perspective, data breaches are our worst nightmare. By accessing our systems, hackers and the like gain access to personal data placed in our care; and the consequences can be dire.

Read the support notes

The two pages in your workbook, 11a and 11b, provide the means to log these breaches, if they ever occur, and the action you have taken thereafter.

Read the relevant support notes. All of the work you have done in completing your GDPR Workbook is aimed at minimising data breach and its consequences.

Pleased to say that thus far I have no breaches to report.

STEP 12 – the Technical and Organisation Security Measures (TOSM)

For me, this is the most daunting part of the compliance process. Definitely outside my comfort zone.

Still work to do here

I have to confess that I am unlikely to have this completed for the 25th deadline. I am in conversation with IT support contractors I use and everyone seems to have a different appreciation of what is required.

What is the TOSM?

The TOSM is a comprehensive check list of the data and organisational issues you need to deal with in order to be compliant with the GDPR.

Read the support documentation

Again, you will find supporting documentation in the support portal. Where necessary you will need to consult with the staff or outside
contractors who look after your IT and other related matters.

Job done – these 12 steps form the basic structure of our workbook to enable GDPR compliance for accountants

If you’d like more detail about our ready-made solution to achieve GDPR compliance for your own practice, take a look at the ACCA promoted accountant’s GDPR workbook we have created here.

Or you can call me to discuss your concerns regarding GDPR compliance – Bob Edwards 07879 896073

Advertise services to accountants – become a Landmark partner firm

Accountants meeting

An introduction to the Landmark Partner opportunity written by Bob Edwards FCCA.

No person is an island and in much the same vein, no advisor – or at least none that I have met – has all the skills required to meet every possible problem presented by clients. At some time in our careers, we will all need the help of a specialist firm. There are chat forums where ideas can be exchanged. Most practitioners will be familiar with the Accounting Web for example. The problem with these, in my experience, is that most contributors are cloaked behind pseudonyms and it is sometimes difficult to sort good from bad advice.

Promote your services to our network of accountants

Landmark has a contact network of approaching 4,000 accountancy firms. From time to time I have been asked to recommend specialist advisors to accountancy practitioners which I have been pleased to do. This activity has encouraged me to believe that a one-stop facility, where accountants can track down the skills or second opinions they need, would be welcomed. The launch of the Landmark Partner page on our website is my attempt to provide this. To be clear, this facility will promote your specialist services to accountancy practitioners, and not to the wider business community.

Benefits and features of the Landmark Partner Program

  • Landmark’s 4,000 strong contact list of accountancy practitioners will be advised periodically of firms featured on the Partner page.
  • Featured firms can contribute articles to the Landmark Blog. I recommend that these articles focus on a specific area of advice that is offered.
  • Articles by partner firms will include link-backs to the writer’s website and other contact details.
  • Partner firms can pre-select the areas of expertise that they offer professional colleagues when they sign up.
  • As well as the advertising block on the Partner page, subscribing firms also have a linked page which has more information about your firm and the services you offer. This could include testimonials from accountants who have used your services in the past.
  • We will publish monthly global stats regarding web traffic to the Partner page taken from our Google Analytics’ data.

Does your practice fit the Landmark Partner profile?

Ideally your practice should specialise in one of the key areas listed below. Accountancy firms who need advice will be looking for evidence that you have a proven track record and the easiest way to demonstrate this is to include one or two testimonials from practitioners who have received and appreciated your advice in the recent past.

Categories you could advertise services to accountants on our Partner page

  • Business tax planning
  • Personal tax planning
  • VAT
  • GDPR
  • Money Laundering Regulations
  • Practice Marketing
  • Property tax planning
  • Estate planning
  • R&D tax credits
  • Capital Allowances
  • HMRC investigations
  • Insolvency

Frequently asked questions about advertising your services the Landmark partner programme

What sort of articles should you write for the Landmark blog

The articles that we publish and accredit to your firm on the Landmark blog and newsletters should demonstrate a measure of excellence in the services you want to offer to other accountancy firms. They should impress fellow practitioners and inspire confidence that you can deliver what they need without necessarily spelling out how you would achieve the expected result. For example, a simple way to achieve this would be to outline actual case studies (without disclosing any personal information). Ideally, the copy should be no more than 500 words.

How much does it cost to feature on the Landmark Partner page?

Initially, and in order to encourage participation and develop gravitas for the page, I am only charging a nominal fee to participate: £150 plus VAT per quarter or an annual fee of £480 plus VAT.
I will review these costs autumn 2019 when we have evidence that the idea has legs and partner firms are winning new business as a direct result of their participation. If you need further information, please call me any time (M) 07879 896073 (E) bob@landmarkpd.co.uk or visit the Partner Page on our website.

Act now to advertise services to our network of accountancy firms

Your firm’s position on the Partner page will depend on the date of your registration.
Basically, the advertising blocks will rank from top left to bottom right.
Accordingly, early bird subscribers will remain towards the top of the webpage as long as they maintain their subscription.

Visit the Partner Page on our website

blog text content for accountants

Get 4 professionally written articles to use on your website absolutely FREE

Simply sign up to my Weekly Insight newsletter (*)

No copyright restrictions

(*) offer applies to new subscribers only