HMRC state in its report that it is conscious of the need to accelerate its plans in this area in order to fully realise the benefits of RTI data for PAYE customers, and to its departmental operations as a whole.
The full report can be accessed here - Real Time Information programme - post implementation review report .
The report provides the specifics of the background to the Post Implementation Review, the objectives of the review and the outcome and benefits. It also includes the detail of recommendations and subsequent actions and HMRC state that it is creating a plan to monitor progress made against each of the recommendations and that it will share that plan with its main stakeholder groups (which includes the CIPP so we shall keep you updated accordingly).
Back to Contents
Government Gateway PAYE for employers entry validation codes 12 December 2017
2 Step Verification (2SV) is a requirement for most businesses accessing HMRC’s online services and has prompted discussions over the last few months about the way the access code is sent to users.
2SV protects government credentials from hijack or malware by asking the customer to enter a 6 digit code, sent to a mobile phone or landline, each time they log into their digital services.
This is an area that has initiated dialogue through various channels, including CIPP’s LinkedIn group. There are reports of issues in particular where an office has only one landline, no work mobile phones and several PAYE references to deal with. Many people understandably want to avoid having to use their personal mobile phone for work purposes. One solution that has been set up for one company is an inbox that emails the access code received by SMS to a selected group of team members who can then use the code to access the account. As per one of the Tax Agent Blogs many businesses need to delegate account access to members of their staff to handle aspects of their tax. This can still be done with 2SV. Access credentials should not be shared . Instead, business users can utilise their administrator and assistant functionality - in their Business Tax Account - to create additional users for individuals requiring access to their account. Each of these credentials will then have its own 2SV.
We asked HMRC if they were looking at the possibility of sending codes via email or if there was an alternative solution in the pipeline? Their response was this:
“Previously, we have looked at email as an option for extra security. For a number of reasons, we have found that it is not secure enough for us to use as a form of 2-Factor Authentication. However, we do constantly re-evaluate all possible extra security methods based on the changing online security landscape and email is always part of that exercise. HMRC Extra Security Process has been created to ensure one account is not shared between multiple users. When setting up extra security, you will be able to create Admin and Delegate accounts so every user will have an account which they can then protect with extra security. To provide different options for users, we offer Mobile SMS, landline, or the option of an authenticator application. The HMRC App (which we recommend) is available on the Windows, Apple and Google stores for free or you can use one of the many free authenticator applications available for Windows, Android and ISO (such as Google Authenticator).”
If you do encounter issues using 2SV with HMRC, the Online Services Helpdesk is available to assist.
Back to Contents
Scottish draft budget sets ‘distinct income tax policy’ for Scotland 15 December 2017
The Scottish draft budget proposals introduce a new 19p Starter Rate of tax, freeze the basic rate at 20p, introduce a new Intermediate Rate of 21p and an increase to both the Higher Rate and Top Rate by 1p respectively.
The Chartered Institute of Payroll Professionals
Policy News Journal
cipp.org.uk
Page 326 of 516
Made with FlippingBook - Online magazine maker