New fraud prevention measures take effect

By Jenny Strudwick | 29th March 2019 | 8 min read

From 1 April 2019, when Making Tax Digital for VAT begins, regulations SI. 360/2019 require software suppliers to ensure their products capture and transmit all available transaction monitoring metadata electronically as part of the VAT submission.

This information will be transmitted to HMRC systems, where it will be stored securely as part of their transaction monitoring policy for the prevention of fraud. 

The data provided will be used by HMRC to monitor transactions to protect taxpayers from infringement of their data by criminals or fraudsters. Without this protection, personal data could be compromised, leading to fraud against taxpayers or the UK Exchequer.

It is a legal requirement for software developers to provide this information. Non-compliance could mean a penalty of £3,000 and access to the HMRC systems removed, which would mean non-functioning software.

The data that we are required to submit is as follows:


Was the submission made via a desktop product, mobile app, website, etc? 


The public IP address (IPv4 or IPv6) from the customer’s device. Globally unique IP accessible over the internet 


The public TCP port from the customer’s device. 


User local timezone 


width and height of a user’s monitor (measured in pixels) and colour depth 


Software name and version number 


IP address of the servers we make submissions to 


Windows User ID and IRIS user ID 


A list of all local IP addresses (IPv4 and IPv6) available to the originating device. 


Width and height of the software window (measured in pixels) 


Hashed version of the IRIS customer ID 


List of MAC addresses available on the originating device 


Make and model of clients machine and their operating system name and version 


We are, therefore, helping to protect taxpayers’ confidential data by securely sending HMRC the data above, which HMRC will then record and monitor to ensure that the VAT return is submitted by the person responsible, and not by a criminal posing as the taxpayer or their agent.


About the author

Jenny Strudwick

Senior Product Manager

Jenny is Senior Product Manager for Tax at IRIS. She has been with IRIS for over 18 years working across many different departments including Support, Engineering and now Product Management. During this time she has been instrumental in major tax changes from FBI to iXBRL and now MTD. Jenny works closely with HMRC on major changes in taxation especially now as they develop their MTD strategy. Prior to joining IRIS, Jenny spent a number of years in practice and has now accumulated over 21 years’ experience in UK taxation and tax software.