CIS Fraud Rules for Contractors UK Tighten: Miss Fraud, Pay the Price

Published by Sidra posted in Resources on 16 April 2026

Starting 6 April 2026, CIS fraud rules for contractors in the UK will make them responsible for spotting fraud in their supply chains. HMRC’s new powers mean that businesses that fail to perform proper checks on subcontractors may lose tax privileges, be assessed for unpaid taxes, and face personal penalties. This article explains the changes and outlines practical steps for UK construction firms.

What has changed

In the Autumn 2025 Budget, the government announced legislation amending Part 3, Chapter 3 of the Finance Act 2004, and the Income Tax (Construction Industry Scheme) Regulations 2005. Starting in April 2026, HMRC can take action against a business that was aware or should have been aware of a payment’s connection to fraudulent tax evasion. Three consequences follow:

Gross payment status (GPS) can be cancelled without notice. Businesses that receive payments without deductions can lose this privilege immediately. Once cancelled, they cannot reapply for five years and must suffer 20% CIS deductions on all payments.
Liability for lost tax. If HMRC establishes a fraud link, the business may be assessed for the tax that was evaded. Even contractors who complied with their obligations could end up paying a subcontractor’s unpaid income tax and National Insurance.
Penalties of up to 30%. HMRC can charge a penalty of up to 30% of the lost tax to the business and, importantly, to its directors and other connected parties. RSM UK warns that officers could be held personally liable for failure to detect fraud.

The reforms mirror the VAT Kittel test, where businesses can lose tax deductions if they knew or should have known about fraud.

Why it matters and who is affected

The reforms significantly increase accountability within the Construction Industry Scheme, strengthening CIS compliance for construction contractors in the UK. HMRC’s position is clear: responsibility for identifying fraud no longer sits only with the fraudulent party. It applies to any business that knew or should have known of the fraud risk.

Under the updated rules, HMRC can:

Remove Gross Payment Status immediately
Hold the business liable for the tax loss
Apply penalties to both the business and individuals connected to it

These powers apply to businesses that have engaged in transactions linked to fraudulent tax evasion, even indirectly. HMRC’s guidance confirms that the measures target businesses that knowingly participate in or fail to challenge suspicious arrangements within their supply chain.

Get Free Consultation

Call Anytime 0203 883 4777

Get Free Consultation

Importantly, the scope extends beyond deliberate wrongdoing. The inclusion of the phrase “should have known” places a clear expectation on businesses to carry out appropriate due diligence before entering into transactions.

The measures are designed to target a minority of non-compliant businesses, rather than the wider sector. HMRC explicitly states that compliant businesses conducting proper checks should not face any repercussions.

However, the practical implication is broader. Contractors operating within CIS must now demonstrate that they took reasonable steps to:

Assess the legitimacy of subcontractors
Review the nature of transactions
Identify indicators of potential fraud

If you don’t, you may be liable for fraud, even if your business didn’t profit from it.

These changes reflect a wider policy objective: reducing tax losses, disrupting organised fraud within construction supply chains, and maintaining fair competition across the sector.

The cost of failing to spot fraud

The consequences under the revised CIS rules are direct and enforceable under UK tax legislation.

HMRC can take action if it determines that a business knew or should have known about a payment’s connection to fraudulent tax evasion.

Cancel Gross Payment Status immediately under Finance Act 2004 provisions
Prevent reapplication for up to five years
Assess the business for the tax loss linked to the fraudulent transaction
Charge penalties on the business and connected persons, including directors

HMRC’s internal CIS reform guidance confirms that liability can arise even where the business has met its tax obligations if it entered into a transaction connected to fraud.

Therefore, the financial exposure can encompass the following, especially when construction businesses in the UK fail to manage the CIS fraud risk effectively:

Repayment of tax that was never directly owed by the contractor
Additional penalties based on the lost tax
Ongoing cash flow pressure where CIS deductions apply after loss of gross payment status

Beyond the immediate tax impact, HMRC expects businesses to demonstrate that they have taken reasonable steps to prevent involvement in fraudulent arrangements. Failure to do so increases the risk of being treated as having participated in non-compliance within the supply chain.

Get Free Consultation

Call Anytime 0203 883 4777

Get Free Consultation

Practical steps to reduce exposure

HMRC guidance remains consistent: CIS compliance for construction contractors in the UK requires businesses to conduct appropriate and documented due diligence to avoid these measures. The emphasis lies on the actions taken to ensure their reasonableness.

A defensible approach should include:

Verify subcontractor status with HMRC
Confirm CIS registration and payment status before making any payment. HMRC expects businesses to rely on verified information rather than assumptions.
Assess the commercial credibility of transactions
HMRC guidance highlights that businesses should question arrangements that appear inconsistent with normal commercial practice, including pricing that appears unrealistic.
Identify and investigate risk indicators
HMRC refers to circumstances where a reasonable person would suspect non-compliance. These include unusual structures, unclear payment flows, or inconsistencies in business activity.
Maintain clear and contemporaneous records
Evidence of due diligence is critical. HMRC places weight on documented checks, risk assessments, and decisions made at the time of the transaction.
Apply ongoing monitoring, not one-time checks
The “should have known” test considers what a business ought to have identified over time. Regular review of subcontractors and transactions is therefore expected.
Establish internal procedures and accountability
Businesses should ensure that staff responsible for engaging subcontractors understand CIS obligations and escalation processes where concerns arise.

The key point is not perfection, but demonstrable, reasonable action. HMRC’s test is based on what a competent business in the same position would have done, given the information available at the time.

How Apex Accountants can help you manage CIS fraud exposure

The updated CIS rules place clear responsibility on contractors to identify and address CIS fraud risk for construction businesses in the UK. Apex Accountants & Tax Advisors provides practical, focused support to help you meet these expectations with confidence.

We can: