In April 2026, the UK government tightened the compliance requirements on those purchasing construction services that fall under the CIS.
The CIS covers various construction operations within the UK. It can require businesses caught by it to deduct tax from payments they make to sub-contractors for construction work. Most businesses must register if they pay sub-contractors, while sub-contractors can choose to register, and their registration status will determine how much withholding for tax (if any) is made from payments to them.
On 6 April 2026, HM Revenue & Customs (HMRC) introduced new powers to help them tackle fraud within construction supply chains. These powers were, perhaps unsurprisingly, quietly introduced as part of the Finance Act 2026 and are likely to place a considerable administrative burden on contractors caught by the CIS since they will now be required to have robust due diligence procedures in place to prevent such fraud.
Where a business makes a payment or applies a credit which is within the CIS and the business knew or should have known that a "connected party" had deliberately failed or would deliberately fail:
- to deduct a payment under the CIS;
- to account to HMRC for tax withheld from a payment under the CIS; or
- to deduct or pay an amount of PAYE,
HMRC can now do any of the following:
- require the business to account for income tax on the relevant payment it has made at the rate of 20% of the payment made or credit claimed;
- charge a penalty to the business of up 30% of the income tax assessed (which can potentially be recovered from the owner or a director of the business); and
- cancel the business' gross payment status if it is also registered as a sub-contractor with this status.
A "connected party" is deliberately widely defined and effectively includes any other party to, not only the business' own contracts, but also any party to any other construction contract relating to the same construction operations.
In determining who "knew or should have known", this is not statutorily defined and HMRC say this is an objective test. In relation to a corporate entity, this will include the knowledge of the officials of the corporate entity (directors and company secretaries) as well as employees (in any capacity) and third parties (agents, advisers etc.) who might have conducted or assisted in the relevant transaction.
When looking to apply a penalty to an officer of the relevant entity, HMRC guidance says that the test (i) for "knew", is whether HMRC can prove, on the balance of probabilities, that the company officer knew of the connection with the deliberate non-compliance and (ii) for "should have known" is whether a reasonable business person would have concluded that the company officer ought to have known that the only reasonable explanation for the relevant transaction was that it was connected with deliberate non-compliance.
HMRC do not prescribe a list of the checks that should be carried out but their CIS Reform Manual (which can be openly accessed via the HMRC Manual website) contains some suggestions about the evidence its officers should gather to demonstrate whether a person "knew or should have known" about deliberate compliance failures as well as some indicators that would suggest a person should have known that a transaction was connected with a deliberate failure to comply. This information should be used to inform the due diligence questions to be asked of sub-contractors. This is over and above any standard (and already required) CIS sub-contractor verification process which CIS contractors will already be familiar with. This could mean that a CIS contractor will need to consider the general tax compliance of various parties in the supply chain and also their tax disputes track record with HMRC and tax risk management procedures. This could, for example, include considering their employment status determinations and the use of umbrella companies to source labour etc. as well as identifying any unusual payment practices.
The new due diligence procedures should be undertaken prior to any payments being made to sub-contractors and, ideally, as soon as possible after heads of terms have been signed to identify any non-compliance risks before too much time/costs are incurred in respect of the relevant transaction. Having obtained responses to the due diligence enquiries, it is important that these are checked and considered properly (with records of such checks and consideration (together with the responses) being maintained) and acted on accordingly.
It is to be remembered that most JCT form contracts and development agreements will contain some provision for the operation of the CIS on payments. However, with the implementation of these new CIS rules, it would be wise to check the contractual protections afforded against any bad actors in the supply chain and the potential tax risk exposure to your business (and reputational risk) under these new anti-fraud measures.
There is no doubt that the updated CIS requirements will put more pressure on construction firms to detect supply chain fraud. If you have any questions concerning the new rules or the CIS generally, our specialist tax team can assist you.
