CIS Fraud Rules for Contractors UK Tighten: Miss Fraud, Pay the Price

Starting 6 April 2026, CIS fraud rules for contractors in the UK will make them responsible for spotting fraud in their supply chains. HMRC’s new powers mean that businesses that fail to perform proper checks on subcontractors may lose tax privileges, be assessed for unpaid taxes, and face personal penalties. This article explains the changes and outlines practical steps for UK construction firms.

What has changed

In the Autumn 2025 Budget, the government announced legislation amending Part 3, Chapter 3 of the Finance Act 2004, and the Income Tax (Construction Industry Scheme) Regulations 2005. Starting in April 2026, HMRC can take action against a business that was aware or should have been aware of a payment’s connection to fraudulent tax evasion. Three consequences follow:

• Gross payment status (GPS) can be cancelled without notice. Businesses that receive payments without deductions can lose this privilege immediately. Once cancelled, they cannot reapply for five years and must suffer 20% CIS deductions on all payments.
• Liability for lost tax. If HMRC establishes a fraud link, the business may be assessed for the tax that was evaded. Even contractors who complied with their obligations could end up paying a subcontractor’s unpaid income tax and National Insurance.
• Penalties of up to 30%. HMRC can charge a penalty of up to 30% of the lost tax to the business and, importantly, to its directors and other connected parties. RSM UK warns that officers could be held personally liable for failure to detect fraud.

The reforms mirror the VAT Kittel test, where businesses can lose tax deductions if they knew or should have known about fraud.

Why it matters and who is affected

The reforms significantly increase accountability within the Construction Industry Scheme, strengthening CIS compliance for construction contractors in the UK. HMRC’s position is clear: responsibility for identifying fraud no longer sits only with the fraudulent party. It applies to any business that knew or should have known of the fraud risk.

Under the updated rules, HMRC can:

• Remove Gross Payment Status immediately
• Hold the business liable for the tax loss
• Apply penalties to both the business and individuals connected to it

These powers apply to businesses that have engaged in transactions linked to fraudulent tax evasion, even indirectly. HMRC’s guidance confirms that the measures target businesses that knowingly participate in or fail to challenge suspicious arrangements within their supply chain.

Get Free Consultation

Call Anytime 0203 883 4777

Get Free Consultation

Importantly, the scope extends beyond deliberate wrongdoing. The inclusion of the phrase “should have known” places a clear expectation on businesses to carry out appropriate due diligence before entering into transactions.

The measures are designed to target a minority of non-compliant businesses, rather than the wider sector. HMRC explicitly states that compliant businesses conducting proper checks should not face any repercussions.

However, the practical implication is broader. Contractors operating within CIS must now demonstrate that they took reasonable steps to:

• Assess the legitimacy of subcontractors
• Review the nature of transactions
• Identify indicators of potential fraud

If you don’t, you may be liable for fraud, even if your business didn’t profit from it.

These changes reflect a wider policy objective: reducing tax losses, disrupting organised fraud within construction supply chains, and maintaining fair competition across the sector.

The cost of failing to spot fraud

The consequences under the revised CIS rules are direct and enforceable under UK tax legislation.

HMRC can take action if it determines that a business knew or should have known about a payment’s connection to fraudulent tax evasion.

• Cancel Gross Payment Status immediately under Finance Act 2004 provisions
• Prevent reapplication for up to five years
• Assess the business for the tax loss linked to the fraudulent transaction
• Charge penalties on the business and connected persons, including directors

HMRC’s internal CIS reform guidance confirms that liability can arise even where the business has met its tax obligations if it entered into a transaction connected to fraud.

Therefore, the financial exposure can encompass the following, especially when construction businesses in the UK fail to manage the CIS fraud risk effectively:

• Repayment of tax that was never directly owed by the contractor
• Additional penalties based on the lost tax
• Ongoing cash flow pressure where CIS deductions apply after loss of gross payment status

Beyond the immediate tax impact, HMRC expects businesses to demonstrate that they have taken reasonable steps to prevent involvement in fraudulent arrangements. Failure to do so increases the risk of being treated as having participated in non-compliance within the supply chain.

Get Free Consultation

Call Anytime 0203 883 4777

Get Free Consultation

Practical steps to reduce exposure

HMRC guidance remains consistent: CIS compliance for construction contractors in the UK requires businesses to conduct appropriate and documented due diligence to avoid these measures. The emphasis lies on the actions taken to ensure their reasonableness.

A defensible approach should include:

• Verify subcontractor status with HMRC
  Confirm CIS registration and payment status before making any payment. HMRC expects businesses to rely on verified information rather than assumptions.
• Assess the commercial credibility of transactions
  HMRC guidance highlights that businesses should question arrangements that appear inconsistent with normal commercial practice, including pricing that appears unrealistic.
• Identify and investigate risk indicators
  HMRC refers to circumstances where a reasonable person would suspect non-compliance. These include unusual structures, unclear payment flows, or inconsistencies in business activity.
• Maintain clear and contemporaneous records
  Evidence of due diligence is critical. HMRC places weight on documented checks, risk assessments, and decisions made at the time of the transaction.
• Apply ongoing monitoring, not one-time checks
  The “should have known” test considers what a business ought to have identified over time. Regular review of subcontractors and transactions is therefore expected.
• Establish internal procedures and accountability
  Businesses should ensure that staff responsible for engaging subcontractors understand CIS obligations and escalation processes where concerns arise.

The key point is not perfection, but demonstrable, reasonable action. HMRC’s test is based on what a competent business in the same position would have done, given the information available at the time.

How Apex Accountants can help you manage CIS fraud exposure

The updated CIS rules place clear responsibility on contractors to identify and address CIS fraud risk for construction businesses in the UK. Apex Accountants & Tax Advisors provides practical, focused support to help you meet these expectations with confidence.

We can:

• Assess your current supply chain checks and identify gaps
• Strengthen due diligence processes in line with HMRC expectations
• Support accurate and timely CIS reporting and filings
• Build simple, risk-based frameworks for subcontractor verification
• Train your team to identify warning signs and act early
• Assist with HMRC reviews, enquiries and compliance matters

Contact Apex Accountants today for tailored support.

FAQs

When do the new CIS measures start? 

They apply starting April 6, 2026.

What triggers loss of gross payment status? 

HMRC can cancel GPS if it proves that a business knew or should have known that a payment was connected to fraud.

How long is the reapplication ban? 

If GPS is revoked under the new rules, the business cannot reapply for five years.

What penalties apply? 

The HMRC may assess the lost tax and charge a penalty of up to 30 %, which can apply to directors.

What due diligence does HMRC expect? 

Verify CIS registrations, check market rates, investigate red flags, and keep detailed records.