This chapter does not cover disclosing to Revenue and Customs Prosecuting Office (RCPO) or disclosure in HMRC Tribunals. Please see IDG67750 and IDG53000 respectively.
HMRC officers are subject to a statutory duty of confidentiality
provided for by the CRCA (see
IDG40500). This means you cannot
disclose information about HMRC customers except in specific
circumstances.
CRCA further sets out that HMRC officers may share
information they hold with other HMRC officers. Section 17 CRCA
states:
“Information acquired by the Revenue and
Customs in connection with a function may be usedby them in connection with any other
function.”
This means that, with a few exceptions (see below), any
information held by one part of the department may be passed to any
other part of the department provided there is a business need.
Business need means that there is a valid reason, directly
connected to HMRC’s functions, for information to be passed
from one person to another. There will
not be a business need where information is passed
from one person to another because that information may be
personally interesting.
Information that is properly obtained under a s20 TMA notice
is also covered by Section 17 CRCA and may be passed to another
part of the department where there is a valid business need. The
business need may be in respect of the same taxpayer or in relation
to the tax affairs of others. You may only disclose the minimum
information required to enable another business area to carry out
its functions.
If you receive a request for information from another part of
HMRC for customer information you may disclose that information
provided there is a business need. If you are not convinced of the
business need from the request you have received, ask your line
manager or seek advice from Information Strategy.
If you are aware of information about HMRC customers that
would benefit another part of HMRC, talk to your line manager about
passing this information on.
Practically speaking there are a number of efficient ways of
doing this within HMRC. For example:
Bogus callers, intending to access confidential information they are not entitled to, often claim they are calling from within HMRC. Please read the ‘Bogus Caller’ guidance on the (This text has been withheld because of exemptions in the Freedom of Information Act 2000)site for help in verifying the identity of callers. You can also seek advice from Information Strategy (see IDG90100).
Information received from an overseas tax authority under a bilateral agreement such as a double taxation treaty can, in most cases, only be used for the purposes of a direct tax function. However, information received from a tax authority in another EU Member State under an EC instrument concerning mutual assistance or administrative co-operation in the tax field may be used for the majority of HMRC’s tax functions (but may not be used for, or disclosed to a person concerned with, a non-tax function).
Information received from the Isle of Man customs and excise service under its bilateral agreement with HMRC regarding mutual assistance in the field of customs and excise may only be used in connection with one of HMRC’s functions in this field.
Information received under the Proceeds of Crime Act (POCA) 2002 may be shared more widely within the Department, but the rules governing such disclosures depend on its form. Information held on Suspicious Activity Reports (SARs) is considered to be sensitive and can only be disclosed to others within the Department on a 5x5x5 intelligence log, completed by an appropriately qualified officer. Those wishing to make a disclosure under these circumstances should follow the correct 5x5x5 procedure and place the appropriate marker on the (This text has been withheld because of exemptions in the Freedom of Information Act 2000)) is to be disseminated to an HMRC business area beyond HMRC Compliance, approval from CRI will be required. The disclosure of information contained within a (This text has been withheld because of exemptions in the Freedom of Information Act 2000)by one part of HMRC Compliance to another should be logged with CRI (although approval is not required). Information gathered by HMRC staff under POCA at a port/airport can be disclosed to any other areas of HMRC, but must still be done so using the 5x5x5 procedure. Other forms of information received under POCA, such as those provided to the department by order of a court of law, can be disclosed to any other area of HMRC when there is a business need to do so without the use of a 5x5x5 intelligence log. Please see Proceeds of Crime Act Guidance for further detail on using information received under POCA.
Information obtained under a section 20(2) TMA notice cannot be
used elsewhere if a claim to Legal Professional Privilege could be
sustained e.g. information obtained from a lawyer under a section
20(2) TMA notice cannot be used in relation to a client’s tax
affairs where the information could not be obtained under a section
20(3) TMA notice.
If you have this type of information – or other types
of information which may not be shared freely – it should
always be clearly marked. If you have any doubts, then ask your
manager first.
Please contact Risk & Intelligence Double Taxation Treaties
for further guidance on information received under a double
taxation treaty. See
IDG90100 for contact details.
Please contact Information Strategy (see
IDG90100) if you are unsure of any of
the issues covered in this guidance, or you are unclear as to
whether certain information may be shared within the
department.
