Skip to main content
Take the Tax Tech Maturity Assessment
Button Text
6 min read
Business insights

Start CCO Compliance Right: Begin with Tax ID Validation

HMRC’s first Corporate Criminal Offence charges signal a new compliance reality. Discover how real-time counterparty verification reduces risk and meets prevention procedure requirements.

Ravi Dhaliwal
Ravi Dhaliwal
Director - Tax Technology GTM
Published
Aug 12, 2025
Last update
Sep 5, 2025
Start CCO Compliance Right: Begin with Tax ID ValidationStart CCO Compliance Right: Begin with Tax ID Validation

The Corporate Criminal Offence (CCO) provisions, introduced under the UK’s Criminal Finances Act 2017, make it a criminal offence for companies to fail to prevent the facilitation of tax evasion by employees, agents, or other associated persons.

HMRC has now filed its first ever CCO case, charging an accountancy firm and six individuals over alleged R&D repayment fraud. The charges, which include cheating the public revenue and money laundering. 

For years, many organisations viewed the CCO as a theoretical risk. But with a landmark charge now on record, it’s clear that this is no longer a compliance footnote, it’s an enforceable reality.

The message from HMRC is simple: passive policies aren’t enough. Businesses must demonstrate that they’ve taken proportionate, documented steps to prevent facilitation of tax evasion or face serious legal and reputational consequences. In today’s global, fast moving business environment, that’s only possible with technology driven controls embedded into your operations. 

A key element of the CCO framework is to Know Your Counterparty (KYC). It's critical to take simple steps like validating counterparty Tax IDs, matching their names and addresses to help ensure they are genuine businesses. These are foundational checks companies should perform to mitigate significant business risk and charges. 

HMRC expects tax evasion prevention. Tech can help.

The CCO requires “reasonable prevention procedures” that are robust, documented, and auditable. A core part of this is effective due diligence, which means: 

  • Knowing exactly who you are transacting with
  • Ensuring counterparties are legitimate and properly registered
  • Verifying they operate in the correct jurisdiction
  • Confirming they aren’t using fraudulent credentials to commit or facilitate tax evasion

Manual checks alone can’t keep up with the speed and complexity of modern business. That’s where automation and integration become essential turning due diligence into a real-time safeguard rather than a retrospective box-tick. Without these safeguards, businesses risk not only regulatory penalties but also legal proceedings.

Fonoa helps you stay ahead of tax policies

Fonoa’s Tax ID Validation solution enables businesses to operationalise these safeguards at scale by verifying VAT numbers directly against official databases in real time. This delivers:

  • Instant legitimacy checks: Confirm counterparties are genuine taxable persons in the correct jurisdiction, matching name, address and VAT IDs
  • Audit-ready records: Every check is logged, creating a verifiable compliance trail
  • Workflow integration: Embed validations into onboarding, procurement, and payment systems
  • Proactive prevention: Stop transactions with invalid or suspicious registrations before they happen

Technology-driven Know Your Counterparty (KYC) controls not only meet regulatory expectations but also protect business integrity and prevent operational risk.

The bottom line: Active prevention starts with technology

The first CCO prosecution is a wake-up call: the expectation is active prevention, and the most effective way to achieve it is through embedded, automated, and auditable technology controls.

With Fonoa’s tax ID validation solution Lookup, businesses can verify VAT, GST, and TINs (Tax Identification Numbers) in 110+ countries in real time against official government databases, confirming validity and matching registered entity details. 

Every validation is logged, creating a digital audit trail which integrates seamlessly into onboarding, procurement, and payment workflows to block risky transactions before they occur.

See it in action: Book a demo with Fonoa and discover how real-time tax ID checks can protect your business.

FAQs: Corporate Criminal Offence and technology-driven compliance

1. What is the UK Corporate Criminal Offence (CCO)?

The Corporate Criminal Offence (CCO) provisions, introduced under the UK’s Criminal Finances Act 2017, make it a criminal offence for businesses to fail to prevent the facilitation of tax evasion by employees, agents, or other associated persons. Companies must have proportionate prevention procedures in place or face prosecution.

2. Why is the first CCO prosecution significant?

HMRC brought its first ever case under the CCO provisions, filing charges against a business and several individuals in connection with alleged tax-related offences. While the case is ongoing, it marks the first time the CCO has moved from policy to active legal action. This development is a clear signal that passive policies are no longer enough, HMRC expects businesses to have robust, documented, and auditable prevention measures in place as part of their defence against a “failure to prevent” offence.

3. What are “reasonable prevention procedures” under the CCO?

Reasonable prevention procedures are proportionate, risk-based measures designed to prevent associated persons from facilitating tax evasion. HMRC outlines six guiding principles: carrying out regular risk assessments, applying proportionate policies and controls, undertaking due diligence on counterparties, providing training, establishing escalation channels, and reviewing procedures regularly.

One aspect of these procedures may include documented processes to verify counterparties, confirm their legitimacy, and detect suspicious activity. This can involve Know Your Counterparty (KYC) checks such as tax ID validation, implemented as part of a wider, multi-layered compliance program.

4. How can technology help meet CCO compliance requirements?

Technology-driven controls automate due diligence by validating tax IDs, matching entity names and addresses, and creating a digital audit trail. Automation ensures checks happen in real-time, reducing the risk of human error and enabling businesses to block risky transactions before they occur.

5. What is Fonoa’s tax ID validation solution and how does it work?

Fonoa’s Lookup solution verifies VAT, GST, and TINs in 110+ countries directly against official government databases. It instantly confirms whether a counterparty is a genuine taxable person in the correct jurisdiction, logs every check for audit purposes, and integrates seamlessly into onboarding, procurement, and payment workflows.

6. What are the risks of not using technology-driven controls for CCO compliance?

Without automated controls, businesses may find it harder to scale checks, keep them consistent, and produce evidence on demand. Weak or inconsistent prevention procedures increase the risk of regulatory penalties, legal action, reputational damage, and financial loss if a CCO offence occurs.

What’s covered
Example H2
Example H3
Learn about related Fonoa solutions
Tax ID validation
Check out more in this blog series:

No items found.
No items found.
No items found.

The practical guide to pitch indirect tax automation to CFOs

Learn the proven 8-step plan to make the case for indirect tax automation using CFO metrics like DSO and audit risk. Trusted by Uber, Zoom, and more.

Ravi Dhaliwal

Ravi Dhaliwal

Director - Tax Technology GTM

Ravi Dhaliwal brings over 16 years of expertise in indirect tax technology, driving transformation across the entire tax lifecycle from determination and calculation to compliance reporting, e-invoicing, and digital reporting. At Fonoa, Ravi works with global enterprises to embed scalable, technology-driven controls that strengthen tax governance, reduce risk, and future-proof compliance in an increasingly digital tax world.

Button Text
Share

Related resources

The Importance of Clean Master Data for Tax and Finance OperationsThe Importance of Clean Master Data for Tax and Finance Operations
Practical tips
September 25, 2025

The Importance of Clean Master Data for Tax and Finance Operations

Why Tax IDs Change: 5 Common Reasons and How Frequently to Expect itWhy Tax IDs Change: 5 Common Reasons and How Frequently to Expect it
Practical tips
September 22, 2025

Why Tax IDs Change: 5 Common Reasons and How Frequently to Expect it

The Compliance and Legal Risks of Invalid Tax IDsThe Compliance and Legal Risks of Invalid Tax IDs
Practical tips
September 18, 2025

The Compliance and Legal Risks of Invalid Tax IDs

Get your demo,
see everything in action.

Get your demo

What’s new

Fonoa Technologies Ltd
Registered in Ireland. Company Number: 677236
Registered Office: 6th Floor, South Bank House, Barrow Street, Dublin D04 TR29
VAT Number: IE3717232WH
2025 Fonoa. All rights reserved.
Privacy policyTerms of service
Privacy Policy Cookie Policy