2019

New fraud prevention measures take effect

Call

From 1 April 2019, when Making Tax Digital for VAT begins, regulations SI. 360/2019 require software suppliers to ensure their products capture and transmit all available transaction monitoring metadata electronically as part of the VAT submission.

This information will be transmitted to HMRC systems, where it will be stored securely as part of their transaction monitoring policy for the prevention of fraud. 

The data provided will be used by HMRC to monitor transactions to protect taxpayers from infringement of their data by criminals or fraudsters. Without this protection, personal data could be compromised, leading to fraud against taxpayers or the UK Exchequer.

It is a legal requirement for software developers to provide this information. Non-compliance could mean a penalty of £3,000 and access to the HMRC systems removed, which would mean non-functioning software.

The data that we are required to submit is as follows:

Gov-Client-Connection-Method 

Was the submission made via a desktop product, mobile app, website, etc? 

Gov-Client-Public-IP 

The public IP address (IPv4 or IPv6) from the customer’s device. Globally unique IP accessible over the internet 

Gov-Client-Public-Port 

The public TCP port from the customer’s device. 

Gov-Client-Timezone 

User local timezone 

Gov-Client-Screens 

width and height of a user’s monitor (measured in pixels) and colour depth 

Gov-Vendor-Version 

Software name and version number 

Gov-Vendor-Public-IP 

IP address of the servers we make submissions to 

Gov-Client-User-IDs 

Windows User ID and IRIS user ID 

Gov-Client-Local-Ips 

A list of all local IP addresses (IPv4 and IPv6) available to the originating device. 

Gov-Client-Window-Size 

Width and height of the software window (measured in pixels) 

Gov-Vendor-License-IDs 

Hashed version of the IRIS customer ID 

Gov-Client-MAC-Addresses 

List of MAC addresses available on the originating device 

Gov-Client-User-Agent 

Make and model of clients machine and their operating system name and version 

 

We are, therefore, helping to protect taxpayers’ confidential data by securely sending HMRC the data above, which HMRC will then record and monitor to ensure that the VAT return is submitted by the person responsible, and not by a criminal posing as the taxpayer or their agent.

 

Posted by
Jenny Strudwick
29 March 2019
IRIS on Twitter IRIS blog IRIS on LinkedIn IRIS on YouTube